Cybersecurity is everyone’s job
Subscriber Benefit
As a subscriber you can listen to articles at work, in the car, or while you work out. Subscribe NowIn today’s interconnected world, cybersecurity is not just a concern for IT professionals or tech-savvy individuals. It’s everyone’s job, and given the frequent headlines about cybersecurity threats, this shared responsibility matters more than ever.
As the Information Security Risk Manager at Everwise Credit Union, I often stress that cybersecurity is not merely a matter of technical safeguards. Why? Because it’s easier to trick a person than a computer. The technology designed to keep information private is only as good as the humans using it.
Cybercriminals are constantly evolving, employing increasingly sophisticated tactics to exploit human vulnerabilities. Social engineering, for instance, leverages empathy to manipulate individuals into revealing sensitive information or taking actions that compromise security. Whether it’s through a text message, QR code, or a seemingly innocent flash drive, cybercriminals are always coming up with new tricks to gain access to data.
The most common threat is through phishing emails, where attackers impersonate trusted individuals to deceive their victims into transferring funds or disclosing confidential information. Sometimes these phishing attempts are obvious, but thanks to artificial intelligence, cybercriminals are able to make communications look and sound more legitimate. So, what should you do if you’re unsure whether an email is legitimate?
At Everwise Credit Union, we advocate for use of the STOP method: Stop, Think About It, Observe the Email, and Pick a Different Form of Communication. When you receive an email or text message that feels suspicious, the very first thing you should do is stop. Don’t click on anything. Don’t fire off a quick response. Next, think about the communication and why this person or business would be sending it to you. Then observe the email or text closely. Typos, odd sentence structures, and blurry logos are all red flags this wasn’t sent from a legitimate source. Also, look at the actual email address from which it was sent. Finally, pick a different avenue to communicate with the sender. Don’t use the contact information sent to you. Try calling them from a verified number through a website. If it looks like it came from a business, email or call a different verified contact there. Think of it as multi-factor confirmation.
What else should you be doing to keep your business and personal information safe? Keeping your software up to date is crucial to patch vulnerabilities cybercriminals may exploit. When using public Wi-Fi networks, consider using your own hotspot or a VPN to create a private “tunnel” to a network. Never share passwords across accounts. Set up multi-factor authentication and use a password manager to generate and store complex, unique passwords. Remember, the length of your passwords is often more important than complexity, and security should always take precedence over convenience.
Cybersecurity is everyone’s job. Stay vigilant, stay informed, and remember that if something online seems too good to be true, it most likely is.