CYBER-SECURITY
CONTINUED FROM PAGE 8
You can picture her in shining armour. “There can be big consequences to a digital breach: Loss of money from your bank ac- count or revenue from businesses or custom- ers, or you could actually ‘voluntarily’ give them money,” Knight says. “There can be damage to company brand because if you get a credit card breach or a privacy breach like health-care information or customer data, that can really hurt you.” A security breach is an incident that results from unauthorized access to your computer, your data or an application on your networks or devices. They can happen different ways, and they aren’t always immediately apparent. “You could have a breach because you haven’t updated software or systems when you get an alert on your device. Always pay attention to them,” she says. “If you don’t update, there may be a gap in your security or unpatched piece of software that hackers could see and take advantage.” You could open something that you shouldn’t — like a phishing email. There are three “-ish- ings”: Phishing, vishing and smishing. “Phishing is email. Vishing is voicemail — that’s when you get a suspicious phone call and they ask you to call them back or they catch you on the phone,” she says. “Smishing is text, where you might get a ‘text from your bank’ that says they want to deposit money, and they ask for your banking information.” How do they convince you? “Hackers use social engineering techniques to press your buttons in order to get a big emotional response from you, like panic or fear or maybe even greed. They want you to click on a link or elicit a response that leads to giving them information,” Knight says. “They’re getting more and more sophisti- cated and they can be very convincing.” Anything that’s digital can be subject to vulnerability. In addition to phones, con- nected devices include laptops, tablets and home digital assistants like Siri or Alexa. Knight says if people have questions, cyber- safe.gc.ca is a good source from the federal government. But there are basic safety steps for individuals and businesses. “Turn off features like Bluetooth, camera and geo-location apps when you’re not using them to prevent access by hackers. Make sure your kids do this too,” she says. Have strong passwords for your devices and your Wi-Fi, which includes changing manu- facturers default settings and creating new usernames and strong passwords. “There are password generators — secure apps — you can use to store your passwords and to generate strong, hard-to-hack passwords.”
Use dual authentication such as adding biometrics like your thumbprint for another effective way to protect your phone and other connected devices. It’s always a good practice to have more than one secure gateway to access your devices that no one else but you can use. “Business leaders should consider cyber- security a mission critical component of their business plan,” Knight says. At the very least, businesses should get a risk assessment and the basics of an incident response plan. “Consultants can help you with that. At MITT through CyberWave, we’re looking to help companies. You could even take a student from our program on a work practicum to help you get your system set up properly,” she says. Be sure your service provider is monitoring traffic and watching your network to provide you with alerts. And they should be able to fix problems. First and foremost, your staff members are your best first line of defence. As a baseline strategy, Knight suggests running a 90-day training and awareness program to see how many of your team members know how to identify email scams. “Once you’ve got a baseline, you can say: OK, what do we have to do to improve?” she says. “By running virtual self-directed learning, they can gain an understanding of how these phishing expeditions work and how you get played.” Next, make sure your systems are being patched, actively protect your data and de- termine who gets access. “You want eyes on your system and network. A lot of small companies contract with a security company,” Knight says. “Sometimes you can stop something before it happens. But, more importantly, you need to know how can you mitigate it if something does happen so you can reduce your dam- ages as much as you can.” ■
Use dual authentication such as adding biometrics like your thumbprint for another effective way to protect your phone and other connected devices.
Be sure to use strong passwords for your devices and your Wi-Fi. PHOTO BY DARCY FINLEY
10
WINTER 2022
Powered by FlippingBook