Digital connectivity is one of the primary driving forces powering the modern world, so as a natural consequence, cybersecurity is absolutely vital. After all, cyber threats are advancing just as fast as technology is. However, while security experts are hard at work developing cybersecurity technology to protect us, often it's our own actions that leave us most at risk of a cyberattack or online scam. A lack of cybersecurity awareness can lead to negligent and risky behaviors like using weak passwords, lax security policies, failing to notice scams, and more. In fact, human error is the cause of approximately 88% of data breaches. In an attempt to make everyone safer and correct poor cyber hygiene, every year, the National Cybersecurity Alliance and CybSafe publish a report on cybersecurity attitudes and behaviors. The report aims to educate both people and businesses on how to better secure their digital landscapes. This year's study surveyed over 6,000 people across the U.S., Canada, the U.K., Germany, France, and New Zealand and asked about participants' knowledge of cybersecurity risks, security best practices, and challenges faced. The report reveals some eye-opening insights, such as how people perceive and respond to cyber threats and how they can improve their cybersecurity posture. So, just what was it that the report found?
We Are Online, A Lot
Perhaps the least surprising find is that 93% of the study participants are online daily. Not only are people spending more time online, but we also have more logins than before, protecting more sensitive data than before. Nearly half (47%) of the study's respondents have ten or more sensitive online accounts that hold personal information that could be harmful if stolen. This growth in our digital presence also amplifies potential risk, especially if people use the same password for two or more of their accounts.
Online Security Makes People Frustrated
Most people (84%) feel that online security is a priority, but as many as 39% feel frustrated and nearly the same amount intimidated. It often seems that it's impossible to stay ahead of hackers; just over half of people thought their digital security was under their control. But that is no reason to let down your defenses and become an easy target, especially since there are best practices you can easily put in place to safeguard your online accounts that work:
- Enabling multi-factor authentication on your accounts
- Using an email spam filter to catch phishing emails
- Adding a DNS filter to block malicious websites
- Using strong password best practices
People Need More Access to Cybersecurity Training
The most effective way to reduce human errors in cybersecurity is to train people in cybersecurity practices. Unfortunately, the survey found that just 26% of respondents had access to cybersecurity training. Those who are not actively employed are most lacking in cybersecurity training, but only 47% of employed respondents had access, and fewer still took advantage of that. Employers can significantly reduce their risk of falling victim to a data breach by offering and incentivizing their employees to participate in cybersecurity awareness training. There is a significant need to provide more training, particularly to those who are retired or not actively employed.
Cybercrime Reporting Is Increasing
Over a quarter (27%) of survey participants said they had been a victim of cybercrime. The most common types of cybercrimes reported include:
- Phishing (47%)
- Online dating scams (27%)
- Identity theft (26%)
Millennials reported the most cybercrime incidents, and Baby Boomers and the Silent Generation reported the fewest. Of course, regardless of what generation you fall into, it's always necessary to follow cybersecurity best practices to stay safe online.
Online Security Best Practices to Reduce Your Risk of Cybercrime
Strong, Unique Passwords:
A good password is always a good start. The best practice is to have a unique password for each online account and use a combination of uppercase and lowercase letters, numbers, and special characters for each password. This practice applies to both online accounts and smart devices.
Multi-Factor Authentication (MFA):
Multi-factor authentication is one of the best tools there is for account protection and should always be enabled. MFA adds an extra barrier to unauthorized access, even for compromised passwords.
Regular Software Updates:
Keep all your software, including operating systems and mobile apps, up to date. Security updates, in particular, should be installed as soon as possible to minimize risk from the vulnerabilities they exist to patch.
Watch Out for Phishing Attacks:
Proper diligence is required to protect yourself from phishing attacks. Always verify the legitimacy of emails and websites before engaging with them. Never click links or open attachments without verifying that they come from a legitimate source. Check for subtle signs, such as misspelled URLs or unfamiliar sender addresses.
Use Secure Wi-Fi Networks:
Sending and receiving data, especially sensitive data, over the internet is only safe when connected to a secure and password-protected Wi-Fi network or when using a virtual private network (VPN).
Data Backup:
Regularly back up important data to an external device or a secure cloud service. Data backups allow you to recover said data in the event it gets encrypted by a ransomware attack.
Use Antivirus and Anti-Malware Software:
Install reputable antivirus and anti-malware software on all devices, and regularly use them to scan your systems for potential threats.
Be Mindful of Social Media Settings:
Hackers frequently scour social media accounts to gather data that can be used to make personalized phishing attacks. Review and adjust your privacy settings on social media platforms to limit the amount of personal information visible to the public.
Educate and Stay Informed:
The most important part of cybersecurity is awareness of how to follow cybersecurity. Educate yourself and your team through cybersecurity awareness programs. This fosters a culture of vigilance and preparedness.