[BreachExchange] Cybersecurity: Best Practices

Audrey McNeil audrey at riskbasedsecurity.com
Thu May 31 19:02:08 EDT 2018


The recent attacks on some of our largest international corporations have
left a meteoric hole in our beliefs about the safety of the internet. The
supine response of these corporations has left a bad taste in our mouths
and have beleaguered our sense of security. Considering this, we are now
collectively understanding the importance of cybersecurity. It is an issue
that affects individuals and businesses alike with potential ramifications
that can be the life or death of anyone or anything.

Therefore, it is incredibly important to stay diligent and informed about
all hacks and breaches wherever they might occur. Even with the
congressional action taken, it is by no means a resolved issue. In 2014
there were 14 million small businesses hacked alone which is an absurd
number. This is primarily due to their inability to prevent a cyber threat
or deal with digital breach. Hackers are known to bug ads on small business
websites and use them as portals to individual’s personal networks. The
small businesses are also easily breached, and, with minimal pen testing,
they can be exposed to malicious actors who want credit card details and
the like.

This is simply because most business owners and individuals do not know how
to adequately protect themselves digitally. Some, unsurprisingly, still do
not find that they need to secure themselves because they have purchased a
well-known antivirus software package. This, again unfortunately, is not
enough to stop a targeted attack although they can root out existing pups
and can screen webpages. No, in fact, it is up to all of us to become
better educated on how to prevent targeted attacks from being so effective
and to better prepare to dissuade malicious actors in the first place.

Passwords Are The Front Line

One thing that is known to be true in the world of cybersecurity is that
the password can make or break your security altogether. This is not to say
that a good password is all you need, but, it can dramatically reduce your
targeting and can make life hard on those who want to infiltrate your
systems. A proper, strong password consists of a few variables like a
length of at least 8 characters, alphanumeric characters with mixed cases
and special characters.

These properties combine to make a serious roadblock for anyone who wishes
to access your information without permission. It is, unfortunately,
oftentimes overlooked and scoffed at as a useless annoyance. Truthfully, it
is an invaluable tool that can make your critical systems impervious to
physical attacks. Just always be sure to store the password(s) in a safe
location either physical or digital.

Protect Everything with Encryption

Using encryption is key to having a robust self implemented security system
for your digital information and data. It is not as difficult as it sounds
and can grant you a certain peace of mind as your data is behind multiple
walls. Essentially you are password protecting every file in your computer
including very important architecture that your system relies on to
operate. This type of file protection is key to mitigating damage in the
event of a successful hack and dissuading certain hackers from going any

For a business, it can slow down the event of a hack and allow for a quick
and measured response. Adopting incredible and cutting-edge tech is
sometimes a great option. There are simpler, cheaper fixes as well. There
is also the matter of encrypting your physical ports so that your systems
do not allow access to any unknown devices. This can nullify any physical
attempts on your computer that use a USB or Disk of any kind. The
initialization of this type of security can be the defining line between
good security and horrible loopholes.

Defend Yourself with VPN

VPNs, or virtual private networks, are secure networks that essentially
hide your data online and prevent Wi-Fi scanners from detecting your
computer on public networks. They basically simulate a private environment
wherever you go. This prevents hackers from compromising your connection
and using it to transfer malware or other vicious software to your computer.

It can also obscure your location and details to make sure that any
information that is intercepted without permission will be, at the very
least, incorrect. There are a few services that are both free and premium
that provide VPN services, choosing one is matter of need.


We all are too aware of the great need for cybersecurity in our lives. As
we now know, if we do not implement our own system then we will be left
high and dry, sometimes even compromised by our most trusted sites. By
using strong passwords, encrypting files and using VPNs we can assure that
our information will be safe as it can be under the regime of our own
volition. Time will hopefully mend the mistrust between people and
businesses, but in the meantime, it is imperative that you implement the
best system you can.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180531/2b70a941/attachment.html>

More information about the BreachExchange mailing list