As a company that specialises in sourcing and promoting the best cybersecurity solutions and practices for businesses, celebrating awareness through days such as #SaferInternetDay is something we’re keen to proactively advocate for.
Today, we’re joined by our Senior Technical Specialist, Grace Shaffi giving us her thoughts and top tips for staying safe on the internet in a world that demands agility, on-demand content and easy access to cloud-based resources in our educational, personal and professional lives.
My career journey into ‘tech’ is unlike most. I started as a carer, moved into teaching, before reaching the point that I find myself today as a technical specialist within the cybersecurity environment.
So, what has this exposure taught me? Well, the common theme is that no matter your role, your experience or your industry, you can and will be duped by online threats.
If I roll back a few years to when I had to teach internet safety in schools, I would always tell the story of the time that I had bought something from an Instagram advert and a week later someone spent £398 in a Starbucks in Spain on my credit card. Of course, we would all laugh about how much coffee that must have been, but I hoped it highlighted that even me, a Computer Science teacher, could be caught out by a fraudulent link. No one is safe! This story would follow with an educational conversation about ‘the little padlock’ and how to check for fake pages. The cyber safety 101 starters edition.
Next up would come the scary talk about strangers pretending to be someone they are not on the internet. I would be met with protests of how they would never be foolish enough to be tricked by this, but the reality is that it happens. The same sentiment is echoed in the workplace when we talk about phishing attacks and staff reusing passwords. Assuming that personally, ‘I’m just one person, I won’t get hacked’ or that as a business our teams are genuinely using different passwords across their different accounts is a naïve outlook. Sadly, the reason we are all still unsafe online, is because the bad guys are human too. Humans with questionable morals and ill intentions – and sometimes people who are just bored and want to cause havoc, but they understand how to exploit vulnerabilities for this very reason.
I could talk to you, the reader, about the fact that the current cyber security awareness training isn’t making young people or schools more secure, but the truth is that the same is reflected in our own companies regardless of size or industry. The real question is, when will we will accept that the threats will be created by humans aimed at humans?
By doing so, we can accept that we, as business leaders, need to invest in cybersecurity tools to remove the element of risk all together.
For the first time in my career, I do not reuse any passwords, the reason? Because my employer Distology have chosen to empower and protect us with tools such as Okta and its SSO (single sign on) capabilities to remove the need for me to create 20 passwords just for work.
We have also started working with Menlo, whose patented page rendering technology ensures that any malicious links or code hiding in a web page are filtered out before the page is displayed to the user. Just like that, the burden of checking every single page and link is taken away from me.
I am not suggesting for a second that these tools alone fix all the issues around social engineering, but they do take some of the risk away from employees and simultaneously reminds our teams of the importance of their own cyber hygiene outside of work.
In an ideal world, all people from young children to old would be cyber aware and able to protect themselves online. We know that prevention is better than the cure, so it is important to explore alternative, preventative strategies and the tools to overcome the ever-present threats to us all online.