By DeVry University
January 26, 2023
9 min read
Striking personal computer networks as well as those in the workplace, attacks by motivated and diligent cybercriminals continue to be a major concern for consumers, financial institutions, healthcare systems and other organizations. This makes keeping data systems and consumers safe a top priority for cyber security professionals.
In this article we will explain why cyber security awareness is critical and outline some cyber security tips that you can use to help prevent yourself or your organization from becoming the next victim of cybercrime.
What is Cyber Security?
Cyber Security, which is sometimes called information technology (IT) security, is the practice of keeping data networks and devices safe from internal and external cyberattacks. This typically involves a range of tools and methodologies like testing, ethical hacking, diligence and cyber security awareness practices such as smart password management which individuals and organizations can use to avoid being victimized by a cyberattack.
Another aspect of cyber security is consumer education. As consumers enjoy the convenience of shopping, browsing, paying bills and socializing through internet-connected devices it’s important to learn how to stay safe online.
Why is Cyber Security important?
Data systems and computer networks in ecommerce, healthcare, banking and other pillars of our global economy depend on the safe, secure and efficient operation of computer networks. When a data system is breached by a cyberattack, the result can be a catastrophic loss of data, theft of sensitive consumer, financial or medical information, the loss of revenue or paralysis of a system causing a substantial financial loss to those affected.
According to a roundup of cyber security statistics by the antivirus software maker Norton:
- Global cybercrime costs are expected to reach $10.5 trillion annually by 2025.
- More than half of all consumers have experienced a cybercrime, with around 1 in 3 falling victim in 2020 alone.
- In 2020, the FBI received more than 2,000 internet crime complaints per day.
- The healthcare industry is expected to spend $125 billion on cybersecurity between 2020 and 2025.
How to Stay Safe Online
Staying safe online begins by following some basic cyber security tips. Here are a few simple steps that you can implement without technical knowledge or cyber security experience.
Don’t Share Personal Information
Keeping personal information secure is vital to good cyber hygiene. Cyber security tips to help prevent identity theft and protect your personal information include:
- Avoid phishing scams by verifying the sender before opening, clicking or replying to email messages. Don’t give out personal identification to unprotected or unofficial websites.
- Avoid using public Wi-Fi when accessing work servers or software, which may not be encrypted and can leave your device and personal information open to hackers.
- Don’t volunteer information to strangers or new acquaintances unless you know you can trust them, or someone you trust can vouch for them.
Set Up Two-Factor Authentication
You may have heard the term Multi-Factor Authentication with regard to secure log-in procedures. Two-factor authentication (2FA) is a type of multi-factor authentication requiring two different identification types before granting log-in access. Whenever possible, use two-factor authentication log-in options on online platforms where you shop, do your banking or pay bills.
Use Only Secure Public Wi-Fi
When learning how to stay safe online, it’s important to know that Wi-Fi hotspots in coffee shops, airports, hotels and other public places are convenient, but according to consumer protection advice from the Federal Trade Commission (FTC), they are often not secure. New hacking tools make it easy for a hacker to hijack your session and log in as you, giving them access to your personal information. The FTC offers these steps to protect your personal information when using public Wi-Fi networks:
- Don't connect to public Wi-Fi networks or random hotspots unless you trust them or have antivirus software, firewalls or a virtual private network (VPN) app running in the background.
- Use mobile data instead of Wi-Fi, as mobile data is usually encrypted. If you don’t have the option of using a secure website and have no VPN encryption, this is a good option.
- Always assume that a public W-Fi network isn’t secure. Don’t access your personal or financial information.
- Don’t stay permanently signed in to accounts. When your session is finished, log out.
- Change your device’s settings so that it does not automatically connect to nearby Wi-Fi networks. This gives you more control over when and how you use public W-Fi.
Use Antivirus and Antimalware Software
A computer running without antivirus or antimalware software or a strong firewall is an open invitation to cybercriminals. Malware (shorthand for malicious software) performs unwanted and malicious actions that affect your computer’s performance and data, and can be downloaded unintentionally through emails or cleverly disguised download offers on websites. Antivirus software generally works in several ways – detecting viruses and malicious code in computer systems, removing them and preventing them from infecting your computer in the future.
Viruses can cause trouble in several ways:
- Slowing down your computer
- Damaging or deleting files
- Reformatting your computer’s hard drive
- Causing crashes or data loss
- Preventing your computer from performing tasks
Use Strong Passwords
It’s good practice to use strong passwords that contain a combination of upper and lower-case letters, numbers and special characters, and do not contain information that hackers could easily guess, such as your street address. Don’t use the same password for more than one account, since that would give a successful hacker access to multiple sources of personal information, compounding the damage caused by an intrusion.
Don’t Click Suspect Links
Viruses and malware are often spread through links in email messages. Is that message really from someone you know? Even if it appears to be legit, it could be from an imposter. Does the sender’s signature at the bottom of the message look different? Is the tone of their message more or less formal than a typical email from this sender? Be extra cautious and avoid clicking on any links in the message unless you’re absolutely sure the email and the link it contains are both legitimate. If you’re not sure, send a separate email to the contact asking them to verify the message.
Cybersecurity Tips for Businesses
Cyber security should be a major concern for businesses of all sizes, from the mom-and-pop retailer to the multinational corporation with vast data centers. These tips can help to keep your business’s network secure.
Train Your Employees in Basic Security Practices
Cyberattacks targeting businesses will try to fool a single staff member into taking an action that provides enough information to compromise the entire organization. That is why it is so important for every business to provide basic cyber security training to all employees. Remote workers should be familiar with cyber security measures because they work with company data, but it’s likely their home’s network may not be as secure as the one back at the office.
Social engineering defines a category of tactics used by cybercriminals to gain the trust of their targets by using the psychology of persuasion. In a typical social engineering attack in a business environment, the cybercriminal will often present themselves as someone from within the organization – say a member of the IT or HR department – and persuade the victim to take an action that will give the hacker access to sensitive company data.
Two types of attacks using social engineering against business targets include:
- Watering hole attacks: In this type of attack cybercriminals set a trap by compromising a website they think is likely to be visited by a particular group, rather than targeting the group itself. Attackers compromise the website (the watering hole), single out an individual from the group, then carry out further attacks once that individual’s device has been compromised.
- Business email compromise attacks: In this form of email fraud the attacker impersonates a C-level executive and attempts to trick the intended victim into performing a common business function for an illegitimate purpose, such as wiring money to him.
Use Two-Factor Authentication
Businesses should use two-factor authentication (2FA) to prevent cybercriminals from stealing, destroying or accessing your business’s internal data records. When using 2FA, most websites use your mobile device to text or call with a passcode that must be entered to complete your login process. According to Microsoft, the process is manageable and user-friendly, and passcode generators are more efficient than traditional passwords because no two passcodes are the same.
Keep Software Up to Date
We all get reminders to update the software and operating systems on our devices, but we may tend to overlook how important this is in relation to cyber security. Norton provides several reasons why general software updates and patches are important:
- Hackers love security flaws and write code to target these vulnerabilities. Software updates include patches that plug up these holes to keep the hackers out.
- Software and security updates can help prevent the spread of a virus form you to your business associates.
- Updates typically offer benefits like new features or a boost in speed that could help you to be more productive, or just a bit less frustrated about your slow-running computer.
Secure Company Mobile Devices
When traveling or working remotely with company-owned devices, there are some basic steps you can take to keep them secure, thereby reducing the risk of theft or data loss.
- Never leave your work or personal devices alone and unlocked in a public, even for a moment. Doing so can leave them, and your company’s data, vulnerable to theft.
- Ask your company to provide an external hard drive that can be disconnected when you're not actively using work files.
- Cover or disconnect your webcam when not in use to prevent hackers from seeing your workspace and potentially gathering personal information from it. The same kinds of malware and viruses that can harvest data from your devices can also be used to embed software that records whatever is in your webcam’s field of vision.
Use a Virtual Private Network (VPN)
If you are working remotely, it may be a good idea to keep an active VPN installed on your company-owned devices. VPNs cloak your device’s location and scramble information transmitted over Wi-Fi networks using encryption technology that protects your data. Encryption converts information into secret codes that only the intended recipient can read, helping you protect data from unauthorized access and potential leaks. Top VPNs tested and rated by CNET include ExpressVPN, Surfshark and NordVPN.
Cybersecurity Awareness: Takeaways
Cybercriminals use a variety of tactics to gain access to networks and personal information and breach critical data systems. Whether working on personal devices or those owned by an employer either remotely or in an office setting, everyone should take basic steps to protect themselves against various kinds of cyberattacks.
Some basic cyber security awareness tips include using two-factor authentication and smart password management, using only secure Wi-Fi networks or a VPN, being careful to avoid suspicious links in email messages and regularly updating software and operating systems.
Like frequent handwashing during flu season, these simple and easy-to-follow steps can keep viruses from spreading and prevent cybercriminals from gaining access to your personal or company-managed information.
Want to Build a Career Fighting Cybercrime?
Build a firm foundation in IT and learn what it takes to defend networks, applications and systems from cyberattacks with our Bachelor’s Degree Specialization in Cyber Security at DeVry.
Earned as part of our Bachelor’s in Information Technology and Networking, this 100% online specialization includes hands-on learning opportunities in networks, software and security technologies. You’ll learn how to build detailed security and contingency plans and use countermeasure testing as you prepare to pursue a career in cyber security.
Classes start every 8 weeks.