“If you connect it, protect it” is a short and simple slogan that we’ve taken straight from this year’s Cybersecurity Awareness Month (CSAM).
We wrote about CSAM last week, on the first of the month, to explain why we think CSAM is still worth supporting, for two main reasons.
The first reason is that it’s an annual prod to all of us to reach out to our friends and family who still think that “it’ll never happen to me”, or that “I’m too unimportant for the crooks to go after my data.”
The thing is, as we explained last week, that the crooks don’t have to “go after you” to get hold of your data.
After all, they might get hold of it, along with personal information about thousands or even millions of other people, as the side-effect of a blunder by a company that didn’t protect its customers’ data well enough.
And if they do get hold of any PII (personally identifiable information), there’s very little to stop them using it against you right away, or from passing it on as a “data dump” to other crooks to use for nefarious purposes.
Many cybercrimes that are dubbed targeted attacks happen the other way round to how many people think of them.
Simply put, sometimes the crooks come after you because you happen to be the next person on their list, not because they chose specifically to dig into your affairs in order to get you onto the list.
You can also listen directly on Soundcloud.
The second reason to support CSAM is that it’s a handy reminder to review all the cybersecurity precautions that you’ve already taken, or think you’re taking, to make sure that they’re actually working as you intended.
For example, wherever you’ve turned on automatic updating, why not take the time to go and review all your recent updates?
If you’ve been making regular backups throughout the year, do you still know how to mount and restore them safely and quickly if the need arises?
How about all those home devices you’ve installed recently, from internet-enabled doorbells to smart electricity meters and home thermostats?
For example, you may have enabled data collection features (what’s known as telemetry in the jargon) that you thought would be useful and that you’d use regularly, but that you haven’t used at all and therefore might as well turn off.
What to do?
You can use CSAM, which gets enough publicity that you are unlikely to miss it even if you don’t put it in your own diary, as an incentive to do all of the following:
- Make sure your own cybersecurity precautions are up to scratch. Best-practice advice may have moved on since last year, so take the opportuntity to go and check if last year’s precautions are still considered good enough, or whether you ought to make any useful improvements.
- Make sure your own cybersecurity precautions are working as you intended. Don’t just assume that your router has the latest firmware or that your Java Runtime Environment is up to date. Go and take a look and mark it off your list.
- Make sure your own cybersecurity precautions are a good example to others. For instance, if your website still doesn’t have a TLS certificate, go and get one; if you’ve been putting off adopting 2FA or updating your passwords from
secret99, go and do it now.
Remember: if you connect it, whether it’s a computer, an IoT device or an online account, protect it!
Even if you don’t think it’s necessary for “little old you”, please do it for the rest of us, because cyberinsecurity on your part affects everyone else, too.
Oh, and do it because friends don’t let friends get scammed.