3 Ways You Can Improve Your Personal Cybersecurity

Let's be honest. When most people hear about cybersecurity they respond with:

1. It's all too complicated for me to understand
2. Why would I be a target?
3. If they want to hack me they will, so what's the point in trying to avoid an attack?

Although cyber threats are increasingly sophisticated there are some pragmatic steps everyone can take to improve their cyber security - even people who are not especially tech saavy.

Get Updated

For most people updating devices and software is an inconvenience, but 41% of breaches exploit software vulnerabilities - vulnerabilities which are remediated in software updates. There is also a bit of a race associated with updates. Most hackers are going after the low-hanging fruit, so they aren't even aware of a vulnerability until a fix is released. When a software releases an update to fix vulnerabilities, opportunistic hackers zero-in on that vulnerability to take advantage of people who delay updates.

Recognize Phishing

Phishing is when a hacker sends a fraudulent email asking for information or requesting you to click on a link - giving them access to your information. More than 90% of all security breaches start with phishing. These can range from poorly-written out-of-the-blue emails from a long lost cousin in Albania to a highly deceptive email from your boss asking you to pick up a gift card for him. This episode of Reply All highlights some common phishing techniques and how much information someone can get, very easily. Be suspicious of any email you receive unexpectedly, especially if they are asking you to follow a link, download something, or verify some information. Some of the most common phishing attempts I've seen recently include:

• An email that looks like it's from your supervisor asking you to purchase a gift card or something and send it to him. These express a lot of urgency so you don't think critically about what's happening
• An email from a commonly used organization asking you to verify your account. "Paypal" might email you asking for you to verify a purchase when you've made none. "Marriott" might email you saying your email was included in the recent breach so you need to follow a link and take advantage of the free identity monitoring they are offering...
• An email might come from a friend or relative with very little information, just a link. It might say, "Take a look at these photos" or something along those lines

Use secure, unique passwords

It's not a question of whether you will get hacked, but when. And if you use the same password through several accounts, getting hacked becomes a much bigger ordeal. When an identity is hacked, hackers attempt to use those credentials (username and password) on other websites. So if Facebook was hacked and you use the same sign-in information on Instagram, the hackers would also gain access to your Instagram.

I use a password manager like LastPass. LastPass auto-generates unique passwords based on parameters you set (length, characters and symbols that are valid, etc.) and then saves them in a browser extension or phone application. I don't know any of my passwords anymore, and when an organization I use is breached I only have to change one password. If LastPass was hacked I'd be in trouble.

Are you secure right now?

My final advice would be - know how secure you are, right now. Visit haveibeenpwned and search your login information. I think you'll be surprised at the amount of information that has been accessed by hackers. To demonstrate, here is the report that came up when I searched the email address I started using in 2008.