在本文中, we’re arming you with the knowledge to avoid falling victim to cyber-attacks and threats. 由于许多网络安全问题都是由“人为因素”引起的,” educating yourself is one of the best steps you can take to protect both your personal and business presence.
What are a few things you recommend people do to better protect themselves when it comes to cybersecurity?
- 使用密码管理器. One of the biggest downfalls people have with their personal security is reusing passwords and using weak passwords. The rationale for doing this is usually that it’s hard to remember a bunch of unique or complicated passwords to a bunch of different accounts. 这时密码管理器就派上用场了. It’s essentially an encrypted password vault that stores all your passwords for you and offers functionality to generate secure passwords. 通过使用密码管理器, all you have to do is remember one password: the password to your vault w在这里 everything is stored. If I had to recommend one thing people can do to improve their security, this is it.
- 启用多因素身份验证. This is the feature that requires you to verify login attempts via an app on your phone, 短信或电子邮件. Typically, you want to use strong multi-factor authentication over weak multi-factor authentication. That means using a multi-factor app like Microsoft or Google Authenticator in lieu of using email or text message multi-factor, simply due to the in在这里nt vulnerabilities that exist in text messaging and email protocols. If everybody used multi-factor authentication and a password vault, 网络犯罪将会大幅减少.
- 减少你的数字足迹. 理想情况下,您希望在线占用的空间非常小. Attackers do something called “open-source intelligence” using your social media, which means they look at your social accounts in search of ways to exploit you. 他们知道你在做什么, 你去哪儿了, 你的兴趣是什么?, 你的家人是谁?, 然后利用这些数据来欺骗你或攻击你. Lock down your social media channels and limit access to people you know and trust.
The other aspect of your digital footprint is essentially every website beyond social media. 你提供信息的网站越多, the more likely someone may be negligent with that information and leak it to an attacker. Being mindful about who you give your information to goes a long way in making sure that your data stays out of the wrong hands.
What are some best practices businesses can employ to better protect themselves from cyber threats?
- 限制特权访问. 如果某人不需要特权访问,他们就不应该拥有它. Only give the necessary permissions that an employee needs to do their job. This ensures that if one account is compromised only a subset of your network is at risk rather than the entire thing. 也, 如果你的员工已经不在公司了, 确保你禁用了这些账户. You may also want to preemptively disable employee accounts when someone gives their two-week notice.
- 备份所有的. 如果你的企业受到恶意软件或勒索软件的攻击, 拥有安全且远离网络的备份是一种可取之处. If your computers and data get locked and encrypted as part of a ransom, you may be able to pull your backups and essentially rebuild without paying the ransom. 在支付赎金的公司中,只有大约8%的公司能找回自己的数据. 有备份更安全,也更明智, test them regularly and know how to restore everything should you ever find yourself in that situation.
- 接受教育,保持警觉. 回到上面分享的政府承包商的故事, 70-90% of all cybercrime starts with social engineering or phishing attacks, 其中很大一部分是人为因素造成的. Do your due diligence by educating your employees about user awareness. 看看 网络安全基础设施 & 保安局(CISA) 一个很好的资源.
- 随时了解最新消息. Around 20 to 40% of cyberattacks are made possible by outdated software. You can easily avoid becoming a statistic by ensuring that your software is updated. Make someone on your team accountable for regularly auditing your systems and updating as necessary.
- 有计划吗. Most small businesses typically don’t have an incident response plan in place. 如果他们受到攻击或数据泄露, it would likely take some time to formulate a plan on how to proceed. 在袭击发生之前, sit down with IT and your business leadership to map out an incident response and continuity plan outlining exactly what to do and assigning responsibilities for different aspects of your post-attack business. 没有人想要发生这种事, but it is extremely important that you know what to do if and when it does.
—
想了解更多吗?? 了解中央的网络防护 & 报道
中央电视台报道个人和商业网络新闻.
在个人方面, 我们提供身份恢复大发888dafa, which covers the costs incurred in the event that your identity is stolen. 个人 cyber coverage offers protection against things like cyberbullying, 包括心理支持的费用, 或者被黑客入侵. 了解更多关于这两者的信息 在这里. Central’s Cyber Suite 报道 is a great option for businesses that maintain data on clients or employees. It covers everything from data compromise response expenses to cyber extortion, 数据危及身份恢复的责任. 点击这里了解更多关于Cyber Suite的信息.
The information above is of a general nature and your policy and coverages provided may differ from the examples provided. Please read your policy in its entirety to determine your actual coverage available.