Identity theft continues unabated
The company’s violations continued throughout the pandemic and beyond. This wealth of private consumer information is a treasure trove of identity theft material. Financial breaches cause the most damage as hackers can convert financial records such as salaries, social security numbers, names, addresses and dates of birth into identity theft.
CyberHoot recommends that you freeze your credit at all credit agencies (there are at least 4 major agencies (see links below)) in order to prevent hackers from researching your credit history and ending up taking out credit cards or loans in your name, or worse, outright identity theft. , many insurance policies can add an identity theft rider to help you recover your identity if you are harmed.
In addition to these personal safeguards, companies should consider the following best practices to protect themselves from giving away our critical personal information in the first place. Consider signing up for CyberHoot today to better protect yourself and stop being part of the problem with identity theft.
CyberHoot Best Practices:
- Train your employees on the common attacks out there. From weak passwords and password managers, to the importance of multi-factor authentication and how to spot phishing attacks. Awareness is the key to protecting your business.
- Control your employees with a cybersecurity policy, including acceptable use, password, information handling, and a written information security policy.
- Establish cybersecurity best practice processes, such as the Vulnerability Alert Management Process (VAMP) and the Cybersecurity Incident Management Process (CIMP) to guide and require emergency action. Then move on to the onboarding and offboarding processes, SaaS management processes and third party risk management.
- Create strong technical defenses including: firewall, anti-virus, anti-malware, anti-spam, multi-factor authentication on all critical accounts, enable full disk encryption, manage keys carefully, and most importantly, adopt, train and require all employees to use the manager Passwords.
- Test employees on how to spot and avoid phishing attacks. CyberHoot has released a disruptive method of Phish Testing to fill your employees’ knowledge gaps without punishing them for failure. Instead we reward them for success. More information is available here.
- Back up your data by following our 3-2-1 backup methodology to ensure you can recover your business from a cyber security incident.
- In the modern age of working from home, make sure you manage personal devices that connect to your network by verifying their security (patching, antivirus, DNS protections) or completely banning their use.
- If you haven’t had a third-party risk assessment done in the last two years, you should do it now. Establishing a risk management framework in your organization is critical to addressing your most difficult risks in your final time and money.
- Buy cyber insurance to protect you in the event of a catastrophic failure. Cyber insurance is no different than car, fire, flood or life insurance. It’s there when you need it most.
CyberHoot believes that for many SMBs and MSPs, you can greatly improve your defenses and the chances of not becoming another victim of a cyber attack if you follow the advice above.
