Why cybersecurity must be first

By Ray Wyman Jr, SonicWall

Why cybersecurity first should resonate with everyone is all over the news. Ransomware attacks rose to 304.6 million during the first six months in 2020, up 62% over 2019, according to our own widely quoted Mid-Year Update on the 2021 SonicWall Cyber Threat Report.

Ransomware have broken records with SonicWall Capture Labs seeing a 148% spike year-to-date and over 495 million ransomware attempts since September 2021 alone.

Increased Work from Home due to the pandemic is the main contributor. However, these stats point to an underlying weakness in cybersecurity, and it’s all about OUR behavior.

Skipping Security, Raising Risk

With working from home on the rise, a recent story in CPO Magazine revealed that a shocking 30% of remote workers consider themselves IT professionals. They’ve admitted to circumventing security policies, with a further 91% of respondents feeling pressured to compromise security for productivity and 76% saying security had taken a back seat to business needs. However, 83% of the respondents also admitted that these attitudes were a “ticking time bomb” situation and were aware of the risks.

Why does it matter?

Today, criminals motivated by profit are out there in droves; they want your data and, ideally, your money too. Unfortunately, our primary means of communication – text, email, instant messaging – make everyone accessible targets. Those of us unaware of security basics or who ignore security measures put everyone else at risk.

The new generation of hackers is bold, always on the lookout for the weakest link, and ready to attack.

Cybersecurity is everyone’s business

Polite society expects people to think about good manners and hygiene – rules that make everyone comfortable in social situations.

Odd then that we don’t think of these rules while using computers and digital devices. Consider people who let their antivirus software expire or insist on using old tech that we know is hackable.

Stop thinking about technology and hackers for a moment and look at this as a holistic problem. If the survey is remotely accurate and the threats as real as the data says, our attitude toward security needs some serious adjustment.

Establish a #CybersecurityFirst Mindset

How do we get to a level of care that avoids security risks? We start by ensuring awareness and increasing resilience to hacking. It sounds complex, but it comes down to knowing the difference between poor and good behavior.

For instance, poor behavior is people assuming that computers and digital devices are safe and that nobody cares about the single user plugging away at an accounting spreadsheet at a coffee shop. Good behavior takes personal responsibility and recognizes inherent risks, while poor behavior raises the risk for oneself and everyone else connected.

Prevention is a Full-Time Job

Even experts who take the best precautions can’t always prevent hacks and virus infections. So, alongside accepting personal responsibility, we make it harder for hackers by creating layers of security:

• Use and maintain antivirus software and a firewall. Contrary to some myths, people who use PCs, Macs, phones, and pads are equally exposed and should have active antivirus programs, firewalls, malware sniffers, and VPNs. Install patches (automatic updates) and keep your firewalls up-to-date. Hackers scan for people with old or expired software. And, if you don’t have either, you’re just a sitting duck.
• Establish online usage guidelines. You can start with the ones from your company. The rules are usually simple enough. Don’t share passwords, use good passwords, think before clicking (any link), and always be cautious about installing unknown or untested software and IoT devices.
• Double-check email attachments. When it comes to phishing and ransomware, you can never be sure. Hackers are adept at creating emails that look genuinely from someone you know or trust. Before opening attachments, verify the identity of the sender.
• Trust your instincts. Attackers are constantly releasing new viruses. So, scan documents and attachments with antivirus software before opening them. If it looks suspicious, delete it. If it’s important, they will contact you again. Technology can only help so much, so trust your instincts!

Be Cyber-Resilient

The Cybersecurity Awareness Campaign from CISA is intended to raise awareness about the risks WE ALL FACE. If we share #CybersecurityFirst, we must go beyond mere hashtags and slogans. Educating ourselves and helping stakeholders is a firm stance on the long-term journey to safety.

Read SonicWall’s Ultimate Enterprise Ransomware Guide to see how we develop secure and resilient systems to ransomware and other threats.

Remember. There’s no quick fix, “set-and-forget” software, or universal rules for cyber-resilience. Good cybersecurity technology like virtual firewall platforms, physical firewalls, and other security services help, but good behavior is where the real work begins.

For more information please reach out to Jeff Marshall, Country Manager & Regional Director - ANZ, SonicWall +61477 040 118 jmarshall@sonicwall.com.