Each week throughout National Cybersecurity Awareness Month (NCSAM), members of the BARR Advisory team will be sharing insights on various topics related to online data protection. Check back each week for additional data security tips from BARR associates to you.
Week 3: Featuring Ken Daniels, Senior Consultant, Cyber Risk Advisory
Q: What internet safety tips would you share with clients when it comes to identifying phishing scams?
A: Phishing scams come in many forms (e.g., text, email, phone calls) and seek to collect user information that could allow scammers to access your personal accounts, including banking information. Here are three simple steps you can take to mitigate the risk of such attacks:
- Slow down and read any email or text thoroughly before sharing any personally identifiable information. If you have any doubts about a message’s authenticity, contact the company directly.
- Simulate phishing attacks within your organization to help personnel better identify them.
- Communicate the appropriate steps personnel need to take regarding where to find data security resources, how to identify scams, and the process for reporting incidents to the security team.
Week 2: Featuring Julie Mungai, Senior Consultant, Cyber Risk Advisory
Q: What are some of your go-to internet safety tips for clients?
A: My top three tips are: 1) If you don’t recognize an email sender or company, don’t click on any links within it to help prevent falling victim to a phishing scam; 2) Be cautious when using public WiFi networks and try to use a VPN when accessing the internet; and 3) Turn off Bluetooth when you’re not using it as the signal can be a gateway for hackers.
Week 1: Featuring Kyle Helles, Director, Cyber Risk Advisory
Q: If you could give clients one piece of advice in terms of protecting their online data, what would it be?
A: Credential theft continues to lead the way with system breaches, and that includes an increasing number of web-based system breaches at an alarming rate. The risk of weak or stolen credentials can be removed with one simple step and that’s to implement multi-factor authentication, or MFA. MFA takes something you know, such as a password or PIN, and combines it with something you have or something you are, such as a token, smartphone, or fingerprint to authenticate users in a secure way. With MFA in place, stolen passwords alone are useless to a malicious actor.
Looking to enhance your company’s cybersecurity practices? Contact us to set up a free consultation.