October marks Cyber Security Awareness Month, a collaborative effort between the public and private sectors to increase interest and knowledge about the importance of cybersecurity.
This year, Check Point celebrates the 20th anniversary of this campaign – a testament to its enduring importance. As one of the protagonists of Cyber Security Awareness Month, the company joins the global effort to promote a safe cyberspace for both organizations and individuals.
The theme for 2023 is “Secure Our World”, and it urges everyone to take four key actions throughout the year:
- Use strong passwords and a password manager
Did you know that compromised passwords are responsible for 81% of hacking-related breaches? It's a reminder that using strong passwords is one of the easiest ways to protect your accounts and keep your information safe.
Here are some key password security best practices:
- Create a strong password: If you are still using a weak password like “password”, consider it compromised. Hackers can crack this easily guessed code in less than a second. Instead, create passwords that are at least 16 characters long and uniquely complex. Avoid using consecutive strings (ABCD, 1234, QWERTY) and easily identifiable information such as names and birthdays. Your password should be a riddle that even Sherlock Holmes would find puzzling!
- Avoid reusing passwords: Think of your passwords as fingerprints: each one should be unique. Reusing passwords makes you vulnerable to cyber attacks such as brute-force attacks and credential harvesting. Creating a unique password for each account limits the impact in the event of a breach.
- Use a password manager: Password managers save you the hassle of sticky notes or of remembering so many different passwords. All you need is one password to log in to the password manager. They can generate, store and fill in passwords automatically and help create complex combinations.
- Enable Multi-Factor Authentication (MFA)
According to Microsoft, enabling MFA can make you 99% less likely to become a victim of hacking. Why? Because MFA requires a combination of two or more authenticators to verify your identity before you are granted access to your account. Even if a hacker cracks your password, they must satisfy the second authentication requirement in order to gain access to your account.
MFA asks for:
- Something you know – a PIN number or a password
- Something you have – an authentication app or a confirmation text on your phone
- Something you are – fingerprint scanning or facial recognition
Note that not all MFA methods offer the same level of protection. Phishing-resistant MFA is the standard to which industry leaders should aspire, but any MFA is better than no MFA.
- Update your software
Before you instinctively hit the “Remind me later” button, it's important to understand the importance of software updates. Technology providers issue software updates to fix urgent security holes, and if you don't keep your software up to date, you may be left unprotected.
Here are the items you need to keep up to date:
- Operating System (OS)
- Web browser and extensions
- Third party applications
To make these updates easier, set automatic updates to download and install as soon as they are available. Remember to download software and apps only from verified sources and official app stores. Updates must be sent to you by the device, software or app developer itself, not someone else.
- Recognize and report phishing
Phishing involves malicious actors sending messages while pretending to be a trusted person or entity, and it is the most common form of cybercrime. If something looks suspicious, trust your gut.
Characteristic signs of phishing include:
- Urgent or emotionally appealing language
- A sense of urgency to click immediately
- Requests to send personal or financial information
- Unexpected file attachments
- Untrustworthy shortened URLs
- Email addresses that do not match the purported sender
When you encounter a suspect message, use the “report spam” option. In cases where the message impersonates an organization you trust, notify the organization using the contact information found on their official website.
Finally, delete suspicious messages. Do not respond to or click on any attachment or link, including the “unsubscribe” link, which may itself be used for phishing.
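The warning signs listed above can also be checked mechanically on a raw message. The following Python example is added here and is not Check Point's code; the keyword patterns, the shortener list, the `KNOWN_SENDERS` mapping and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed word lists and domains, chosen for illustration only.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "ow.ly"}
KNOWN_SENDERS = {"example bank": "examplebank.example"}  # display name -> real domain
URGENT = re.compile(r"\b(urgent|immediately|act now|within 24 hours|suspended)\b", re.I)
PERSONAL = re.compile(r"\b(password|pin|card number|bank account)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"']+", re.I)

def domain_of(address):
    """Lower-cased domain part of an e-mail address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""

def phishing_signs(raw):
    """Return the set of warning signs found in one raw e-mail message."""
    msg = message_from_string(raw)
    signs, body = set(), []
    for part in msg.walk():
        if part.get_filename():                 # any part carrying a file name
            signs.add("attachment")
        elif part.get_content_type() == "text/plain":
            body.append(part.get_payload())
    text = msg.get("Subject", "") + "\n" + "\n".join(body)
    if URGENT.search(text):
        signs.add("urgent_language")
    if PERSONAL.search(text):
        signs.add("asks_for_personal_info")
    if any((urlparse(u).hostname or "") in SHORTENERS for u in URL.findall(text)):
        signs.add("shortened_url")
    # Sender check: display name claims a known organization but the address
    # domain differs, or replies are routed to a different domain.
    name, addr = parseaddr(msg.get("From", ""))
    expected = KNOWN_SENDERS.get(name.strip().lower())
    reply_to = domain_of(parseaddr(msg.get("Reply-To", ""))[1])
    if (expected and domain_of(addr) != expected) or (reply_to and reply_to != domain_of(addr)):
        signs.add("sender_mismatch")
    return signs

# Constructed sample message (not real mail).
SAMPLE = """\
From: Example Bank <alerts@examp1e-bank.example>
Reply-To: help@mailbox.example
Subject: URGENT: your account is suspended

Confirm your password immediately at https://bit.ly/abc123
"""

if __name__ == "__main__":
    print(sorted(phishing_signs(SAMPLE)))
```

A hit on any single sign is only a prompt to look closer; whether an attachment is unexpected still needs a human judgement.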