It only took about 10 months and a couple of close calls, but the President announced his Cybersecurity Czar today. Hopefully the position is still as strong as the original intent. More importantly than the fact that we finally have a person in this position, is what both the Czar and the President have said concerning Cyber Security.
The goal for a secure infrastructure is not just the responsibility of the Cybersecurity Czar and his team. It’s the responsibility of everyone in the Nation (and I will say everyone in the World). There are steps that you, as individuals need to take, in order to protect your computers and your information from criminals.
Your responsibility lies in five areas (four of which are listed in the announcement that I’ve linked to).
- Keep your security software and operating system up to date. As vulnerabilities are discovered and patches are created (or signatures are released for your antivirus and antispyware programs), it falls on you to make sure that you download these patches and signatures. All of the protection in the world doesn’t do a bit of good, if it’s sitting somewhere else. Keep your antivirus, firewall, antispyware, and operating system updated—regardless of who makes it.
- Protect your personal information online. Basically this means that if you wouldn’t advertise it in a newspaper, on the radio or television, or hang it on a sign, then don’t publish it on the Internet. Along these lines, be ware of “phishing” attempts. No legitimate business will attempt to get you to login through links in their e-mails to you. They may send you an e-mail that requests you to login to the site or business, but they will not provide you with links.
Sites like Amazon will send you tracking links, but only AFTER you’ve made a purchase. Phishing attempts are where they initiate the contact to you, in the attempt to fool you into giving them your information. If you get e-mails about how your information has been compromised, or how your access to your money is in jeopardy, CALL the company. Don’t log into their website. In truth, if your money is at stake, you shouldn’t trust it to the Internet. And you should have the contact information—which means you won’t need to use any that are provided in the e-mail.
- Know who you are dealing with. This goes hand in hand with the phishing schemes. The phishers hope that you’ll believe they are who they claim to be. Make sure that they are, before you deal with them. Call the company, if it’s one that you’ve done business with in the past. If not, then research the company before you reply to them. The Better Business Bureau or the FBI have good information about legitimate businesses and scams. Google can help too. If you see a bunch of negative posts or comments about a business, then you probably won’t want to deal with them.
One thing that is mentioned in the article that I want to comment on is the statement that cyber criminals often embed the capability to steal passwords and files into free software. This is true to an extent, but it does NOT mean that all free software has that capability in it. There are a lot of free applications which are safe and regarded. If you are in doubt, submit the exe file to sites like http://www.virustotal.com. If it comes up clean, then it probably (but not guaranteed) is clean. Remember that nothing is 100%, but a clean bill of health from 42 different antivirus programs either means it’s brand new (and you’re one of the first to run into it) or it’s clean.
- Learn what to do if something goes wrong. There are many sources of information that you can turn to. This site (and my contact) are one. If it’s computer-related (hardware or software problems) then the manufacturer of the computer or program will have support. Otherwise, you can search for support. Search for the exact error message and the program or part that it affects, or the symptoms that it is showing.
If it’s crime-related or phising related, then you can check the Internet Crime Complaint Center, The FTC, or even send any spam or phishing e-mails to the FTC’s e-mail address. (note the links will open in new webpages or open your default e-mail provider).
- The fifth thing that you need to do is education. Both in terms of educating yourself on how to stay safe online (and how to protect your computers and networks), and educating your family and friends in how to stay safe and protect their computers and networks.
Even though this Czar is a member of the United States Government, these steps are world-wide. They have nothing to do with borders (except that you will want to find your local law enforcement agencies). They have EVERYTHING to do with us (the honest citizens of the world) protecting ourselves and each other from the criminals in the world.
Have a great day:)