To help users avoid putting their personal and company data at risk, we’ve listed some common cyber security mistakes along with some ways you can help avoid them.
Lack of employee training
Its believed that 95% of cyber security mistakes originate from user errors from employees. Employees can unintentionally compromise your organisation’s cyber security through actions such as clicking on phishing emails. Phishing emails are a problem experienced by many organisations and individuals. These cleverly created e-mails often contain attached documents loaded with malware. Users should never open or download an attachment from an unknown sender and seek verification through a different channel before doing so.
Employees who don’t know any better may also make mistakes such as accessing sensitive company information using an unsecured or unknown Wifi network. Providing regular employee training is vital to stop cyber security mistakes from occurring due to the ever-evolving cybersecurity landscape; keeping up with current security risks isn’t easy but must be taken seriously.
Using overly simple passwords
Perhaps one of the most common cyber security mistakes. From the names of pets and dates of birth to simple sequences of numbers like “123456”, easily guessable passwords help hackers access accounts and networks. The National Cyber Security Centre (NCSC) advises using three-word combinations to keep passwords hard to crack but easy to remember. Also, consider using multi-factor authentication for an additional layer of defence.
Passwords are a common cyber security mistake
Neglecting to keep devices updated and patched
A computer is only protected if is updated regularly. Updates for software, apps and operating systems contain the latest security patches that resolve identified vulnerabilities. When updates and patches are not implemented, threat operators can exploit these weaknesses and acquire access to devices and systems. Always install updates as soon as they become available.
Leaving devices unattended and insecure
Personal or company devices that have not been logged out of correctly and left unattended can leave personal details or company information accessible by unauthorised people. Never leave devices unsecured and ensure you lock your computer if stepping away from your desk.
Using unsecured connections
Using public internet connections that are insecure can put any private communications or sensitive data transfer at risk. Use a Virtual Private Network (VPN) instead. Through the VPN, all data traffic is sent via an encrypted virtual tunnel, effectively hiding your IP address when you’re using the internet and keeping your location private. VPN connections can also help keep you secure from external attacks.
Oversharing on social media
Cybercriminals will use public content shared on social media to their advantage. Social engineering attacks are formed by using personal or company information, allowing them to impersonate individuals in spoof attempts. Users over-sharing private information online is a classic cyber security mistake: it can also give attackers insights into passwords (by naming loved ones), let them know when they’re on holiday, or give away information about internal processes.
Lack of encryption
Encryption is useful for protecting sensitive data from being accessed by unauthorised users. Not encrypting data leaves it vulnerable and freely available for hackers to exploit.
Poor access controls
Allowing employees access to information they don’t require in their everyday jobs can create an unnecessary risk of cyber security mistakes happening. Proper access controls being in place limit the number of users who can access certain pieces of information and in turn, reduces the possibility of a data breach.
Make simple changes to stop cyber security mistakes from being made
By being mindful of these mistakes and you can avoid common cyber security mistakes. And in doing so, keep your personal and organisation’s data secure from cybercriminals.
Looking for assistance with cyber security for your organisation? Discover what Akita can offer:
View More
