Held every October, National Cybersecurity Awareness Month (NCSAM) aims to educate organizations and individuals on the ever-changing field of cybersecurity and encourage proper security practices. This year, NCSAM’s overarching theme focuses on three key areas where extra steps are necessary to remain safe both at home and in the workplace: Own IT, Secure IT, and Protect IT. In this blog series, we have compiled a list of top Rapid7 blogs that correlate with each NCSAM theme to offer readers a comprehensive overview of the space and some actionable cybersecurity tips to implement through the rest of October and beyond.
Once you’ve established where you could be at risk online and secured your data and personal information, it’s time to work toward maintaining your digital profile. By conducting routine checks of your privacy settings, you can reduce your risk and keep private information, well, private.
In this blog, we will highlight must-read blogs that align with NCSAM’s “Protect IT” sub-themes of be secure, theft and scams, and your digital home:
Consistently ensuring your digital presence is secure sounds daunting, but is well worth the effort. Use these blogs as inspiration for ways to live a more secure life online:
Whether you’re moving all or some of your assets to the cloud, taking a strategic approach for securing your cloud environment is vital. Learn cloud security best practices, how to avoid common pitfalls, and how to get the most out of your cloud usage.
For many security professionals, helping friends and family with their tech troubles is a common occurrence. In this blog, we share a few pieces of advice for adjusting to your role as the family tech expert that can also help anyone looking to shore up their approach.
In your efforts to better secure your accounts, consider using a password manager. This blog contains questions you should ask yourself about your password choices, along with advice related to password managers.
Theft and Scams
It’s no secret that attackers are using any methods available to attempt to infiltrate networks and steal personal information. Keeping yourself informed about common types of scams and how you can protect yourself from them will help better ensure you are protected if you become the target of an attack.
The right phishing email sent at just the right time can greatly increase the chance that it dupes its recipient. Read about one scenario where an employee fell for a phishing email they knew was coming because of the way it was crafted.
At Rapid7, our penetration testers make a career of highlighting organizations’ weak spots by attempting to hack them. This story of how one penetration tester managed to compromise a healthcare portal before he even finished his morning cocoa serves as a reminder of what’s possible for an attacker, and why it’s important to be prepared.
Phishing is a problem as old as the internet, and it isn’t going away anytime soon. This blog details how to prevent, detect, and respond to phishing attacks.
Your Digital Home
As homes become increasingly reliant on digital elements that could unwittingly become entry points for attackers, it’s important to consider how you can reduce risk in your home by purchasing the right pieces of technology and enabling (or disabling) particular settings. These blogs break down what you should know about introducing new IoT tech into your home.
1. National Cybersecurity Awareness Month: Manage Your Risk at Home with Simple Tweaks to Your Voice-Controlled Devices
Voice-controlled devices can help handle countless tasks in your home, but they still come with some risk. Fortunately, there are tactics you can use to stay secure.
Prefer your security advice to come in rhymed verse? Check out this story of how our team successfully hacked a printer for some insight into what’s possible with the right tools and people.
The holidays may feel far away, but the advice in this blog applies year-round when you are purchasing anything that will connect to the web inside your home. You don’t necessarily need technical knowledge and an in-depth understanding of security topics and vulnerabilities to make more-informed decisions.