It’s not too hard to leave the worrying about a hacking incident at your company to the cyber folks you hired to keep data safe. But with tons of electronics constantly at our fingertips, how can you protect your own information?
Now, everyday folks have to worry about data stealing, phishing attacks — fake messages designed to get you to hand over sensitive info — and the looming threat of cyber villains (mental image of them sitting in a dark basement, face aglow with blue light, optional).
To help out, five local leaders offered their top tips for keeping good cyber hygiene:
Suneel Cherukuri, CISO, DC’s Office of the Chief Technology Officer
For Cherukuri, who’s responsible for protecting the district from cyber attacks, it’s important to be actively mindful of your cyber hygiene. In the simplest answer, Cherukuri noted that nothing is free on the internet. If something looks unreasonable, he said, it’s definitely unreasonable, so it’s very important to be aware of what you’re signing up for.
“Keep your cyber hygiene at the very forefront of your thoughts,” Cherukuri said. “I get it, you want to sign up for all the cool things, all the cool coupons, everything. But think through that: When you’re clicking on a link, look at it. See what you’re clicking on and then click on it. That goes a long way.”
John DeSimone, president of cybersecurity, Raytheon Intelligence & Space
Even with the need for speed and our constant desire to find out what’s going on, DeSimone’s number one tip is to take the time and ensure you’re in a safe, secure spot on the internet. In other words: “Be really careful what you click on.”
“You’ve got to really be careful, knowledgeable and understand what you’re clicking on, what information you’re providing and what information you’re looking for to validate that you’re in the right spot,” DeSimone said. “That’s a fundamental piece of advice that’ll carry no matter what you do.”
Sarbari Gupta, CEO, Electrosoft
Gupta recommends the practices she uses at her own company, Electrosoft, which include routinely reminding employees of the best ways to protect themselves and maintain cyber hygiene. This keeps employees alert, which she said is important. Even as the head of a cybersecurity company, Gupta noted that she gets emails from people pretending to be her.
“Despite the fact that we employ only seasoned IT people, and many of them are cyber folks, we routinely send out reminders to our employees about such types of attacks to be careful, to try to make sure they can confirm who an email is being sent by,” Gupta said. “Because many times, just reading the name in the sender field is not quite enough.”
Alongside the practices at her own company, Gupta recommends checking out free webinars and training sessions, as well as the resources available from government entities like the Cybersecurity and Infrastructure Security Agency.
John Wood, CEO, Telos
For Wood, protecting yourself in the cyber realm is all about using two strong pieces: a strong password, which he cannot recommend strongly enough (he uses 17 characters with symbols), and multifactor authentication.
“A great deal of phishing attacks, meaning well over 90% of phishing attacks and 90% of most hacks, would not occur if people were using multifactor authentication,” Wood said. “Even if [hackers] broke through a strong password, if you’re using multifactor authentication, then they can’t get in.”
Lonye Ford, CEO, Arlo Solutions
For personal cybersecurity, Ford recommends what she calls two-person authentication. This involves users having a website or application identify them with two things: something you know (like a password), plus something you have (like an electronic device with a multifactor authentication app).
Alongside this, she encourages people to think about operational security, which involves protecting your information in the outside world.
“Be careful in what you talk about in open forums, like when you’re sitting at a restaurant — where you’re sitting at a club, where you’re sitting, wherever you are where there’s a lot of different people, be careful what you talk about,” Ford said. “People can pick up very small bits of information and use it to do phishing.”
Knowledge is power!
Subscribe for free today and stay up to date with news and tips you need to grow your career and connect with our vibrant tech community.