Protecting an organization from cybercrimes is increasingly important as businesses modernize, digitally transform, and move to the cloud.
Too often, cybersecurity is looked at as an overly complicated endeavor. Don’t get me wrong, it is essential for any organization to have strong protocols in place to protect from cybercrimes. But getting the basics right already gets you pretty far! That is increasingly the case as organizations undergo digital transformations, migrate to cloud, and make use of new technologies.
According to the Texas Insurance Blog, an unlocked car was a factor in about half of the 17,000 stolen cars in the state from 2017 to 2019. Although a car lock can be beaten, it is a sufficient security measure in many cases. This is because many of those attempts are crimes of opportunity where a simple lock is a sufficient deterrence.
Likewise, most IT managers know that company server logs are polluted with cybersecurity attack attempts. In fact, cyber crimes are a common occurrence. Web Arx Security reports that 30,000 websites are hacked daily. If we think of cybersecurity in a similar fashion to a crime of opportunity, there are similar protections that could be applied that could keep a large portion of hackers out.
The same way locking your car can protect you from potential crimes, doing these three things can protect your devices: changing passwords regularly, updating firmware, and renewing SSL certificates.
See also: Cybersecurity Will Shift in 2023 Thanks to AI
Strengthening password security
A study from Google and Harris Poll found that 59% of adults in the U.S. use something easy to guess (like a name or a birthday) in a password. Even worse, a GitHub page shows the most popular passwords are some variation of “123456”, “Password,” and even “abc123.” But probably the most concerning statistic of all: Google concluded that less than half of Americans said they would change their password if they discovered their account had been breached, a time when it is already too late to protect personal information.
While technology like PassGan has been used to predict more than a quarter of LinkedIn profile passwords, IT experts believe they can use that information to actually educate others on common passwords, identify the people who need more passwords, and even conduct cybersecurity training among workplaces.
It’s recommended by most cybersecurity experts that, depending on the account, passwords should be updated every 30, 60, or 90 days. Establishing policies for strong and complicated passwords, in addition to changing them regularly, safeguards accounts.
See also: Why Organizations Should Adopt the Cybersecurity Risk Optimization Approach
Maintaining system updates
The attitude towards cybersecurity doesn’t change much in regard to software updates. The National Cybersecurity Alliance’s 2022 Cybersecurity Behaviors and Attitudes Report found that 12% of people “rarely” or “never” complete updates, while another 25% said only “sometimes.”
Updating firmware is an important part of cybersecurity practices that can help protect your devices from security threats and cyber crimes.
Firmware updates might include bug fixes, security patches, and other improvements that can thwart a cyber attack. These updates apply to the firmware that runs your operating systems, antivirus software, but also web browsers, email accounts, and other applications on any of your devices.
See also: Rapid Cloud Adoption Requires SOAR-based Cyber Security
Renewing SSL certificates
SSL (Secure Sockets Layer) certificates play a crucial role in the cybersecurity of web servers and sites. These certificates establish a secure connection between a web browser and a web server. The certificate is granted by a trusted third party who confirms to your web browser that you are receiving the website you are expecting from its true source (that company’s web server). The certificate encrypts the information transmitted between them and protects sensitive data from being intercepted and stolen by hackers. SSL certificates protect everything from usernames and passwords to credit card numbers and other personal or financial information.
You can tell if a website is using an SSL certificate if the URL begins with “https” instead of “http” and a padlock icon appears in the address bar of the web browser.
SSL certificates require regular updates, renewal, or replacement in order to ensure security. They typically have an expiration date that can range from one to three years. While they can expire, SSL certificates might also need to be updated to address security vulnerabilities. Updating certificates is the job of the server administrator. As a user, if you see an error related to that site’s SSL certificate, proceed with caution, as you may have landed on a fake website masquerading as your intended destination.
Protecting an organization from cybercrimes doesn’t have to be complicated. It starts with some basic—but extremely important—safeguards, including making passwords more secure, staying on top of system updates, and keeping SSL certificates updated. This is not going to stop all hackers from trying to wreak havoc on your organization—but it will at least ensure they can’t come in through an unlocked door!