As we slide into the lazy days of summer, vacation becomes the topic on everyone's mind. From cottages, to beaches, to hotels and cafés—whatever gets us away from our daily grind to recharge and get ready for the fall business rush. The reality, however, is that not many people in this day and age truly get to disconnect entirely. With ubiquitous connectivity through mobility, no one is truly safe from email, phone calls, texts, and more.
It's this ever-connected paradigm paired with vacation mindsets that can lead to potential cyber security risks. One of the major culprits is that of unsecured networks. Whether a beach-side bar, café, or even hotels (especially in other countries) the lack of security protocols can be disturbing. These networks are prime targets for criminals looking to hijack people's devices and information.
The best way to combat this falls into two categories: the first being good habits, and the second being good security measures and technology.
As it pertains to surfing habits, there are several things to never do when connecting to an unsecured network. For instance, never connect to a service that contains personal or financial data while on an unsecured network. This means no online banking, shopping or, in many cases, social media—especially if you use the same password for multiple applications.
Furthermore, it's best to also not answer work emails or send documents—the unsecured nature of the network can lend itself to breaches through stolen information or documents attached to the emails.
Then, of course, there is the accidental clicking of links—email or otherwise. As we all sit next to the lake, pool, and so on, it’s natural to let defences drop when connecting to the outside world. It could be as simple as an email that arrives in the inbox with a particular call-to-action: a sale, a document you "need to read,” and others. And, in a single moment of not thinking it through, suddenly, malware can be introduced into your device.
The same is true of internet links. In fact, I know of several people who just recently had their phones hijacked by clicking on the wrong link on the wrong site—one of them being a news site of all things. The sequence of events simply went from reading an article on a major news network, clicking on a related article, then clicking on another related article that happened to be an ad leading to an entirely different website. That new site introduced ransomware that locked his phone.
Again, a simple sequence of events that were as innocent as researching real-time news led to a breach that could have been prevented by paying a little more attention to the destination URL.
And then there is the secondary line of defence: ensuring that devices are connecting through a secured VPN will help reduce instances of potential breaches. As always, the right technology for the right application can help save the day, more times than not.
So, where does that leave us this summer and beyond? For the most part, education. Make sure that people in your organization are aware of the potential dangers, and teach them some best practices and good surfing habits. By just doing this, the instances of potential breaches will drop exponentially.
And, if I dare say it, encourage people to disconnect for a few days. Sometimes the best defence in ensuring people are in the right mindset for better cyber security stewardship is to not interact with technology at all. Or maybe that's just my dream of the ultimate summer vacation.
Enjoy your summer everyone!
November 3, 2022
In Case of Emergency… Have a Plan
When an emergency occurs, it’s too late to plan or rehearse the response. Fires, floods and other disasters don’t pause while you get ready to address them. Policies, plans and procedures for response must be in place long before they are needed.
October 13, 2022 | Jacqueline Davis
Leading the Race Against Threat Actors
Threat actors are getting smarter and will always find new ways to execute their payloads into an organization’s tech environment. To win the cybersecurity race, organizations need to learn more about some of the key trends in cybersecurity.
October 11, 2022 | Jacqueline Davis
Observations from SecTor 2022
Research suggests that most IT departments are not keeping pace with the changes in cybersecurity. Given the rapid adoption of the connected world, it’s no wonder there is a struggle to keep the pace.