There’s no cybersecurity silver bullet. Be risk-based. Pick low hanging fruit. We’ve all heard lots of clichés about what it means to—here are some more—be cyber aware, keep a clean machine, even Stop.Think.Connect. The bottom line is that protecting online resources and information is difficult, it’s new and it’s rapidly changing.
Compared with other science and engineering disciplines, getting things done digitally is in its infancy. Relative to how long we’ve been building things like finely crafted bridges (think Roman aqueducts), protecting networks, computers and mobile devices is a brand new phenomenon. We’re making great progress, but in many ways we’re just starting to understand the environment … all while it keeps changing before our eyes.
As we start National Cybersecurity Awareness Month this year, we need to maintain the perspective that, even though we know that sometimes things will go wrong, individual users, businesses and their employees can all make a difference. And while we work together to solve information security concerns on a larger scale, it’s our daily actions that matter most.
In the thick of the day-to-day and with a continual barrage of bad news in the world of cybersecurity, it might be hard to see just how much progress we’ve made over the last several years. For example, 63 percent of confirmed data breaches in 2015 took advantage of leveraging weak, default or stolen passwords. But public awareness around the limitations of passwords is increasing and people are turning to multi-factor authentication (MFA) as a tool to secure accounts. A recent survey showed that 86 percent of people who use MFA feel that their accounts are more secure. And the number of websites offering MFA as an option is also increasing.
These improvements, more than anything, occur every day, individuals—not just experts—take steps to do the right thing. Here are a few of the simple steps you can take to make a difference:
For many of us at NIST and everyone on the National Strategy for Trusted Identities in Cyberspace team, our everyday lives revolve around improving our society’s ability to deliver and consume services, to interact and share, and to do all that we do in our indispensable digital lives. We hope you’ll join us in recognizing National Cybersecurity Awareness Month by taking the time to secure your devices and data, and by encouraging friends and family to do the same.
Even taking these measures, things won’t always go right, but these are proven, effective ways to lower risk—the digital equivalent of checking your blind spot and wearing your seat belt. As with anything in life, doing the little things can make a big difference.