October 31, 2016 By Lucie Hys 4 min read

October has flown by! National Cyber Security Awareness Month (NCSAM) may soon be over, but these cybersecurity tips are evergreen. (As are the NCSAM lessons we passed on in weeks one, two and three.) Here are 10 more cybersecurity rules people should follow — but often don’t!

1. Sharing Is Caring. Unless It Is Oversharing.

Name of your dog, favorite band, favorite color — can the answers to common security questions be found on your social networks?

2. Know What Mobile Apps Are Safe to Download

Download mobile apps only from trustworthy sources. Always:

3. Don’t Be Indolent — Create a Login

Using your social media account or email to log in to the third-party sites? Know that if you log in to third-party site with a social account, your data can be shared between that social network and the third-party app.

4. Not Only Lights Should Be Off When Leaving the House

Turning off your Wi-Fi and Bluetooth may save you not only battery, but also a lot of trouble. Make this a habit:

5. Keep Your Money Safe

FICO reported that ATM compromises in the U.S. jumped sixfold in 2015. Fraudsters like to target places that are unattended, such as ATMs, gas stations, etc. Take precautions to decrease your risk of becoming the victim of credit card fraud and remember:

6. Encrypt Your Data

By encrypting, you are essentially converting data into a code to prevent unauthorized access. While encrypting an entire drive is safer, an average user should at least encrypt the files that are sensitive. Ask yourself following questions:

Plus a pro tip from @0DDJ0BB: “Encoding nor hashing is the same as encrypting. [It’s] important to understand the differences.”

7. Reusing Passwords Is a Big No-No

It’s hard to keep track of different passwords, but that’s what a password manager is for. You shouldn’t be reusing passwords, period. It’s especially true in this case:

8. Cloud Gets Hacked Too

Many people think that whatever they have stored in the cloud is automatically protected and can’t be seen by others. Not true: Cloud services get hacked, too. Uploading files into the cloud essentially equals storing them on someone’s computer. If you intend to store data in the cloud that should never hit the spotlight, make sure to do this first:

9. Recognize Phishing Emails

Phishing emails are becoming more sophisticated. Question all emails, even those that appear to be from people you know.

10. Remember Basic Password Hygiene

Heard of choosing passwords that inspire (i.e.,1t1sTim3toCa11M0M)? Neat reminder! Remember basic password hygiene:

A Final Thought on NCSAM Lessons

Are you oversharing on social media? Are you encrypting your sensitive files before uploading to the cloud? How about your significant others, friends and colleagues? You must take steps to answer all of these questions and remediate your behavior when appropriate.

While these tips may seem simple, it’s surprising how many people get scammed. Insiders carried out approximately 60 percent of all attacks in 2016 — in many cases inadvertently — through bad security habits or by falling prey to outside schemes such as phishing attempts.

If you enjoyed these NCSAM lessons, share this post with your community so your friends and co-workers can also stay safe online.

Illustrations by Nathan Salla

More from Intelligence & Analytics

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today