Did you know that October is National Cybersecurity Awareness Month? We're using this month as a chance to highlight how you can keep yourself and your information safe online. From using complex passwords to being wary of suspicious emails, here we talk about the importance of cybersecurity and provide some tips on how you can protect yourself.
What is Cybersecurity?
To protect yourself online, you first need to understand what cybersecurity is and why it's important. The good news is that cybersecurity is likely more straightforward than you think.
According to the Cybersecurity & Infrastructure Security Agency (CISA), cybersecurity is "the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information." This is a long way to say, "protect yourself and others online." Cybersecurity can come in many forms, from complex codes and cloud software to the passwords you set and the websites you visit.1
This year's theme for National Cybersecurity Awareness Month is "See Yourself in Cyber." The CISA explained that this theme "demonstrates that while cybersecurity may seem like a complex subject, ultimately, it's really all about people."
Let's look at how you can be an essential part of cybersecurity and make smart decisions online.
How to Protect Yourself Online
As you work to "See Yourself in Cyber" and recognize your role in cybersecurity, here are some things you can do to protect yourself online.
Enable Multi-Factor Authentication
Multi-factor authentication (sometimes called 2FA or two-factor authentication) is when you set up more than one way to verify your identity when logging into sites like your email account. First, you type in your password. Then, you have to verify your identity on another device, such as a smartphone, to confirm that it's you trying to log in. In addition to this extra layer of protection, you will also get notifications anytime someone tries to log into your accounts.
If you get a notification that someone is trying to log into your accounts and you didn't authorize this activity, report it right away. But be wary of any 2FA notifications that you didn’t trigger and that ask you to click a link to report suspicious activity. Don’t use those links – instead, access the website in question directly, consider changing your password, and report the unauthorized 2FA activity.
Use Strong Passwords
Creating a strong password is one of the best things you can do to protect your online accounts. According to LastPass, the two most common ways hackers try to get your passwords are by credential stuffing or password spraying.2
Credential stuffing is when bots test every username and password in their system to see if anything works. Password spraying is when they use common or known passwords that have appeared in a data breach to see if any of these passwords work with a particular email address.3
Because of this, you should always use unique passwords for every site, and your passwords should have a combination of uppercase and lowercase letters, numbers, and special symbols. They should also be at least 12 characters long whenever possible, though some sites may have limitations on how many and which characters can be used.3 Trying to remember all of these different passwords would be impossible, so we recommend password managers such as LastPass, Dashlane, or 1Password.
Update Your Software
You may be tempted to always click "Update Later" on those annoying software update notifications, but software and app updates contain important security fixes that can help keep you safe. These security fixes must be separately updated on the operating system as well as the individual applications used.
These software updates protect your computer, your smartphone, tablet, and any other device you may use to connect to the Internet. According to the CISA, software updates are the most effective measure you can take to protect your digital devices because they are the best defense against attackers exploiting patched vulnerabilities. The CISA also shared a few other tips about software updates:
- To minimize your risk, consider setting up automatic software updates.
- Only download software updates from trusted vendor websites. Don't trust a link in an email or text message, especially if you don't know the sender.
- Avoid software updates while using untrusted or unsecured networks (such as the WiFi at hotels, the airport, the library, or a coffee shop).4
We all play a role in keeping each other safe online. This year, for National Cybersecurity Awareness Month, take these steps to protect yourself online, and don't forget to share these tips with friends and family to help them stay safe.
This content is developed from sources believed to be providing accurate information, and provided by Strategic Financial Planning, Inc. Please consult legal or tax professionals for specific information regarding your individual situation. The opinions expressed and material provided are for general information, and should not be considered legal or tax advice.