Last year I taught a class called 'Cyber Security for You and Your Clients' at Scaling New Heights. Several people commented that they had never been so 'scared' in all their lives regarding cyber threats. Clearly I brought out some primal fears in people, kind of like popping your head up while playing in the ocean surf realizing that sharks are circling you.
The reality is that the sharks (cyber sharks) are circling and each of us are just bait in the water as far as they are concerned. I'm presently in the process of preparing updates to my 'Cyber Security for You and Your Clients' content for this year's Scaling New Heights conference. I thought as part of that I would post a few morsels between now and the conference, probably about 1 per month, so be on the look-out for my 'Cyber Security Tips'.
Updates and Patches
One of the biggest sources of cyber threat rests within your own software, especially in term of your 'operating system' and 'security software'. Let's face it, the majority of business computer users are using Windows-based machines, so Microsoft is their source for operating systems. Fortunately, Microsoft stays aware of the threats within the cyber arena and is continually pushing out security updates for their 'supported' operating systems. Unfortunately, many users do not keep their operating systems fully up-to-date with regard to security patches.
Another aspect of this concern is that users choose to remain on their older operating systems despite the fact that they have been 'sunset' with regard to software support. Choosing to use unsupported, and therefore non-patched software, is like leaving the front door of your home open. with a big sign posted "please steal my belongings" when you head out for a long weekend.
OK Mac users, you say you are 'more secure'. While Mac maybe slightly more secure from an OS standpoint, the big reason you are more secure is that cyber criminals don't use Mac computers, so they don't write malware for Mac computers...but sooner or later they will get around to it.
The same principal regarding failure to remain current applies to security software such as antivirus, anti-malware and firewalls. I don't know how many times I have gone into a small business and found the 'free flavor of the week' antivirus installed. They have maybe as many as 16 different antivirus programs on their computers, none of which are up-to-date because they were like a 10-day or 30-day free trial they kept downloading off the internet.
Remember, "you get what you pay for", who are you going to blame when your free trial of 'no virus this week' brand software allows a ransomware attack on your hard drive?
The reason that good antivirus software isn't free is because it is 'good' antivirus software. Buy the best you can get, and keep it up to date in terms of both the program itself, and most importantly the threat (malware-definition) updates, don't wait for the software to start flashing red or yellow telling you that you haven't updated your virus definitions or threat catalog, insure that those features are on automatic for immediate regular updates.
Failing to keep your computer's security 'up-to-date', no, really 'up-to-the-second', is like posting a big sign in your yard telling crooks, "Alarm is off, front door key is under the mat, and we are gone for a week, please enjoy our hospitality".
So, if your operating system and anti-virus program are not up-to-date, then you deserve to be 'scared', because you should be. The threats are real and you have just invited them into your cyber domain.