Law 2: Not Keeping Up is Falling Behind
Several weeks ago, I read an article published by Microsoft titled “The 10 Laws of Cybersecurity Risk”.?Here, the authors lay out the following tenets or “laws” regarding cybersecurity risk:
?
1.???????Security success is ruining the attacker ROI.
2.???????Not Keeping up is falling behind.
3.???????Productivity always wins.
4.???????Attackers don’t care.
5.???????Ruthless prioritization is a survival skill.
6.???????Cybersecurity is a team sport.
7.???????Your network isn’t as trustworthy as you think it is.
8.???????Isolated networks aren’t automatically secure.
9.???????Encryption alone isn’t a data protection solution.
10.????Technology doesn’t solve people and process problems.
?
If you haven’t read it yet, here’s a link to the original article (10 Laws of Cybersecurity Risk).?
?
Last week, I highlighted several easy ways for your agency or business to ruin an attackers ROI.?Today, let’s address Law 2: Not Keeping Up is Falling Behind.
?
There it is again, the dreaded “update your software” alert message from Microsoft (or Apple, or…).?Always right in the middle of working on a document, or posting to your favorite app.?They’re pesky and always seem to interrupt your train of thought.?I’ll just do it later you tell yourself.?Maybe tomorrow, and the next thing you know the days have turned into weeks and another new update is available.?No big deal.?Right?...
?
领英推荐
In reality, you’ve left your system open to cybercriminals for a month.?Not good.?
?
Every day, there is a threat actor somewhere out there in mom’s basement that is coding a new way to steal information and gain access to systems.?Updating software on your system provides a layer of protection that you might otherwise not have.?A couple good reasons to load software updates as soon as they are available would include:
?
1.????Patching security flaws.?System security is the number one reason to update your software immediately.?Nobody writes perfect code, and vulnerabilities will exist that make it easier for cybercriminals to access your system.?Once access has been attained, these bad actors are able to plant malware and hold your system ransom (or just plain steal information).
?
2.????Protecting your data.?Once a cybercriminal gets through a software security flaw, they’ll search for personally identifiable information (PII).?This includes things like financial records, passwords and usernames, all of which can be sold on the dark web.
?
One of the best ways to “keep up”, is to let the software automatically update.?Remember, if your system is better protected than the next guy’s, cybercriminals will likely pass you by and attack the softer target.
?
And remember, they’re free, so why not take advantage?
?
I hope this helps.?If you or your company or agency need assistance improving your cyber security position, please get in touch with me, as Tek Works would be happy to help.
?
Check back for tips on Law Number 3, “Productivity Always Wins”.
?
@mbcronyn @pmo @pmi @pmiwic @issa
Connecting, building, communicating and energizing IT teams… - IT Product/Sr. Project/Program Manager, - Tek Works, LLC Founder, - Vulnerable adults/elders Advocate, and - born/raised farm girl
1 年I had this happen on my phone last month. I thought it was updated, as my settings are set to auto-update. Clearly a message intended to lead to a deceptive action. Good info, Foster! ????????????