Get Serious About Cybersecurity: Take Ownership of Your Personal Data

October is National Cyber Security Awareness
Month (NCSAM), and one of the prongs in the three-part theme is for all computer users to “Own IT.” This means staying safe on social media, updating privacy settings, and keeping tabs on apps. Simply put, users need to take better ownership of their
data and their online presence as part of daily safe cyber practices.

October 2019 is National Cybersecurity Awareness Month #BeCyberSmart

It is all too easy simply to click the wrong link, share the
wrong thing on social media, or download the wrong app. One of the
biggest risks today is ransomware, a type of malware that can lock a
user or even an organization out of a computer or network. Cities such
as Atlanta and Baltimore have suffered from ransomware attacks that
resulted in millions of dollars in recovery costs.

The insidious ransomware threat is getting worse. The global
damage from ransomware could cost US$11.5 billion this year, according to data from
cybersecurity researchers at KnowBe4. The average
ransom payment increased by 184 percent, while the average downtime
for organizations was 9.6 days!

“The threat of ransomware continues to grow,” warned Kelvin Coleman,
executive director of the National Cyber Security Alliance.

“For the average consumer, phishing — when someone poses as a
legitimate entity to try to access your data — also remains a big
problem,” he told TechNewsWorld. “As the Internet of Things
expands, this will also expose more of our data through the sheer
number of interconnected devices we own.”

Too Much Information

Many consumers already do a good job of securing their desktop and
laptop PCs with antivirus software and are wary of unsolicited
emails, but they may fail to realize that the same precautions need to be
in place on mobile devices. The problem is likely to get worse as the
world becomes ever more connected.

“The chief issue is that technology’s deployment vastly outpaces our
ability to anticipate awkward consequences of its use,” explained Jim
Purtilo, associate professor in the University of Maryland’s computer
science department.

“Without an overarching legal and social framework to define what
protections people ought to enjoy, then eager consumers — the early
adopters who get new services and products off the ground — end up
being the early casualties,” he told TechNewsWorld.

“We learn the unintended consequences of some new technology only once
people become victims, often bringing others with them,” added
Purtilo.

Another problem is that people tend to share too much on social
media, which can include posting vacation photos in real time —
telling would-be thieves that your house is empty and ripe for the
picking! Combine this with the personal information that is shared, and
it can make it easier for high-tech thieves to guess passwords as well.

Users need to limit what they’re sharing and do a better job of
protecting sensitive data and information. This is where “Own IT”
comes into play.

“The takeaway point is that cybersecurity is more than just building
high castle walls around select financial data,” said Purtilo.

Protecting Data

Consumers should be vigilant about privacy and know how their data is collected and used.

“There are some easy steps that consumers and businesses can take to
help safeguard their data, such as using long and strong passwords or
passphrases, updating software regularly, and implementing multifactor
authentication,” said NCSA’s Coleman.

Failure to do so can have lasting effects that go beyond lost data.

“Most folks do not know what to do when they experience an account
takeover attack or identity theft,” noted Justin Fox, director of
DevOps engineering at NuData Security, a Mastercard company.

“Often they just reset their password to the service that was
fraudulently taken over — this is not enough,” he told TechNewsWorld.

“When you are a victim of identity theft or fraud, it is important to
construct a plan to recover your identity and protect yourself from
additional fraud,” Fox added.

“A step that I would encourage folks to consider is placing a fraud
alert through a credit bureau,” he suggested. “A fraud alert is free and
will make it harder for someone to open certain accounts in your name,
such as credit applications, as they have to take additional
verification steps.”

Check Privacy Settings

One of the key points of owning IT is to keep privacy settings
up-to-date. Too often social media companies, software vendors, and
other online entities have the default settings that favor them and
not the consumer. Therefore it is a good idea to check the settings before starting to use a new application.

Caution is also advisable when a new application is loaded
onto a PC, tablet or mobile phone to ensure that malware isn’t hitching
a ride.

“As far as keeping tabs on their apps, people should ensure that
they are using software and services that scan their devices for malicious
apps,” said Ralph Russo, director of the School of Professional
Advancement Information Technology Program
at Tulane University.

“For example, people using Google Android devices should make sure the
Play Store app scanner is on and functioning, and people using
Microsoft Windows should, at the least, use built-in Windows
Security,” he told TechNewsWorld.

It is also important that users install apps and other software only from reputable
sources, and from the mobile device operating system official app store.

“Sideloading apps, or installing from other than the official store,
can get you free software and a little more — hidden malicious
software, as the free app acts as a Trojan horse,” warned Russo.

“Privacy settings in social media should be set to only allow the
minimum number of people to see personal data, photos and messages that
users are comfortable with — e.g. ‘friends only,’ ‘friends of friends,'”
added Russo. “Never set a privacy setting to ‘public’ without a
specific considered reason for doing so.”

Own IT on Social Media

It is easy to share way too much on social media. One
factor is that the concept of “friends” suggests those that have
connections with you are in fact your friends, even when you’ve never
met them or had any prior contact.

A worrisome aspect of social media it can be just as easy for
individuals to be socially engineered as friended!

Also of concern is that while online, people tend to share information with
the masses that they probably would only whisper to a close friend or
colleague in a face-to-face situation.

“While social media has become a primary method of communication in
our society, users should proceed from the perspective that anything
they say or post can eventually, if not immediately, be public,” Russo pointed out.

“Unfortunately, many people approach posting as if it is for their
friend’s eyes only — but social media sharing and re-posting can
quickly widen the audience to a level the poster did not count on,
he said.

Therefore, when using social media one should refrain as much as
possible from divulging or displaying personal information that could be used in any nefarious wary.

That could include birth dates, specific and detailed information about
upcoming events or plans, or personal information such as the layout of
a business or house, said Russo. “Think from the perspective of what a
malicious actor would do with the information you’ve posted.”


Peter Suciu has been an ECT News Network reporter since 2012. His areas of focus include cybersecurity, mobile phones, displays, streaming media, pay TV and autonomous vehicles. He has written and edited for numerous publications and websites, including Newsweek, Wired and FoxNews.com.
Email Peter.

Share this Story: