Week 02 - Secure IT

The number of cyber attacks demonstrates the need for greater vigilance and proactive security measures on the part of individuals.

Welcome to Week 2 of Cybersecurity Awareness Month.  The theme this week is “Secure IT”.

This week's theme represents a call to individuals to take the steps necessary to aid in their collective and individual cybersecurity.

The good news is that many of these steps are easy to take. This call to action  recommends that individuals begin to protect themselves against cyber-threats by learning about the security features available on the devices and the software they use. This can be as simple as understanding the need for creating strong and unique passwords for each device and application. But creating strong passwords, while a great start, is not all that’s needed. Updating the software on their user devices is another example of how individuals can improve their personal and digital security by simply learning about - and using - the security features already available on their devices.

The Zero Trust Mantra

Finally, experts recommend that when individuals are online they adopt the tenets of what is becoming the hottest buzz in the cybersecurity field: zero trust. Zero trust basically means to trust no one, or thing online and so verify the identity of everyone or everything. Whole security systems architectures by major cybersecurity vendors, such as Symantec, are based on the zero trust model. Zero trust reflects the reality that traditional security models are ineffective in today’s world of public Wi-Fi, the cloud, etc. 

Extending the zero trust concept to shopping online and email dramatically lowers the chances that bad guys will gain access to personal information. Simply put, if one only uses a credit card or other payment system in an encrypted, secure payment website, the chances of that information being stolen is greatly decreased. Similarly, if an individual takes the attitude that I will want to verify the identity of any email that seems different or odd in even the slightest way, the chances of falling for a phishing attempt decrease significantly as well.

If you have any questions about our activities in October or suggestions on how to improve our cyber security efforts, please contact us at: securityawareness@royalroads.ca

Suggested Links

Lift a glass to cy-beer-security            A popular Czech brewery’s take on cybersecurity. 

360% More Ransomware                     A quick outline of what is currently the most serious cybersecurity threat, and not just in the US but in Canada and around the world. 

How Phish-prone Are You?                 10 questions that will help you (or your family / friends) determine how “phish-prone” you are. 

Have I been Pwned?                             Created by an internationally recognised cybersecurity researcher, this site is a repository of email addresses & passwords compromised in data breaches.  Check out your passphrase / email address…but be prepared for a surprise!

Mad Libs #3                                           Here’s one for the kids on passwords.

Mad Libs #4                                           A "Mad Lib" on phishing. 

Great Reading:

Email Do's & Don'ts. Email has become one of the primary ways we communicate in our personal and professional lives. However, we can often be our own worst enemy when using it. In this newsletter, we will explain the most common mistakes people make and how you can avoid them in your day-to-day lives.

Passphrases.  We use passphrases here at RRU but you might not be using them elsewhere.  Here’s a good primer on how to create one. 

Multi-factor Authentication.  An introduction into Multi-factor authentication and why you should  consider using it.

Phishing InfoGraphic. Ever wonder why the cyber criminals bother sending you phishing emails?  This infographic has some answers.