• Community Blog

COMMUNITY BLOG - Greg Sawyer- The low hanging fruit is your best first step

Updated: Dec 28, 2021

The community blog posts are written by InfoSec professionals from diverse sectors who have kindly provided articles for free to support the demystifying of cyber.

Author: Greg Sawyer

Organisation: CAUDIT

Being a parent and bringing kids up in digitally connected world can seem daunting. They are increasingly expanding their connections to the digital world and wanting increasing amounts of digital engagement. What should I be discussing with them? At the other end of the scale, what should I be discussing with my parents who find all the technology daunting?

In cybersecurity we must speak many languages. Business to break cyber down into impacts and risk. Jargon when engaging with the technical people dealing with the sharp end of cyber. Sometimes we even throw in nerd to share deep technical thoughts. The media likes to present cyber in sensational language to increase clicks on a site . An imposing world of sensational news stories, well-crafted images portraying the cyber threats as shady characters with the might of adversaries like Korea, China and Russia behind them. A language we should all speak is keeping it real. Yes, those threats are there but some simply good practices, known as cyber hygiene, can make a massive difference.

So, my advice to my kids and parents.

1. Download and use a password manager. It might take a bit to get used to but in the long term it will prove valuable. There are plenty available but LastPass, Dashlane and 1Password as good starting points. Store your password manager password securely in a safe. That’s the only password you need to remember.

2. Use passphrases instead of passwords where possible. A passphrase is series of random words with a special character, number and capital letter that is at least 32 characters long. If you can make it even longer than that. They are easier to type in as they are a series of words.

3. Use a different passphrase or password for each system. This ensures if you are compromised, they only get access to one of your accounts, not all.

4. Utilise multifactor authentication where possible. Multifactor authentication is a second check to passwords when authenticating (logging in). It can be as simple as receiving a SMS with a unique code to enter in when authenticating.

5. Utilise antivirus software and the security tools that are available on most computerss. Turn these on to the recommended to default. The Australian Cyber Security Centre (ACSC) web site has some good guides to assist you.

6. Avoid clicking on links. If in doubt with any email, SMS or website you are accessing, see if you can find another way to check it is safe. Search for their details online and call that company. Try to avoid clicking on any links if you can. Most good companies will not contact you like that.

7. Update your systems. Turn on auto updates and if unsure ask someone who you know has the skill, talk to a professional or again use the resources from the ACSC link in this blog (or if following my advice, search for them yourself). The ACSC step by step guides are invaluable. Avoid well-meaning friends if you can. The best intentions may end up in you being worse off.

Implementing some basic good cyber hygiene and being aware will help keep you safe online and hopefully allow you to enjoy the time connected, not fear the shadows in the background. Spend the time to complete the basics and I wish you safe browsing.

Helpful links:

Australian Cyber Security Centre for individuals and families - https://www.cyber.gov.au/acsc/individuals-and-families

COMMUNITY BLOG - guest author Greg Sawyer - 1 June 2021

25 views0 comments