10 Tips to Stay Safe Online from BSI for Cybersecurity Awareness Month

October is Cybersecurity Awareness Month which focuses on raising awareness of cybersecurity threats and promoting good practice for organizations and individuals alike. This year a key emphasis is on cyber hygiene, emerging technologies and the importance of our shared responsibility in building a cybersecurity culture both inside and outside the workplace.

The BSI global centre of excellence for Cybersecurity and Information Resilience has outlined the following advice for staying safe online:

– Organizations should promote security awareness and training programmes for staff to build a strong cybersecurity awareness culture that benefits both individuals and the business.

– Use different passwords for each account that you have. This will reduce the potential harm a malicious individual can do should one of these passwords be compromised. Use a password manager to store these if available.

– Install anti-virus software on devices that connect to the internet (e.g. laptops, mobile phones, tablets) and ensure that it is enabled and up to date.

– Beware of emails from sources that you don’t know and trust. Malicious individuals will often try to distribute malware or steal sensitive information by getting unsuspecting end users to click on infected links or attachments.

– Don’t use public Wi-Fi to access sensitive accounts (e.g. bank account). Public Wi-Fi networks often lack appropriate protection leaving users exposed to malicious individuals on the same network. Should you need to access sensitive information on public Wi-Fi, consider using a VPN (Virtual Private Network) to provide an extra layer of security.

– Don’t use weak passwords that could easily be compromised. Ensure that passwords are a minimum of eight characters in length and that they include a mix of upper and lowercase letters, numbers and symbols to increase their strength. – If it is available, complement your password by setting up multi-factor authentication (MFA).

– Be diligent when downloading apps and only download them from official app stores, such as Apple App Store and Google Play. Consider not installing an application if it asks for too much access to your phone or additional personal information at registration. This will prevent any unofficial applications being installed that may potentially contain malware or assigning unnecessary permissions to access your data.

– Don’t share sensitive information on social media or on any public sites. This information can include your home address; phone number; where you are going on holidays; an image of your car with the registration plate visible; or even your flight boarding pass.

– Shop on reputable websites only. If you are unsure check the website for contact details and call them to verify the address and don’t enter payment card details on a site that is insecure (e.g. a website that doesn’t have a valid padlock symbol in the address bar).

– Finally, be careful clicking links on social media sites. Malicious individuals will target social media users with posts that offer “great discounts” or “free prizes” in the hope that it will get widely shared on the platform helping to legitimise the malicious content.

Stephen O’Boyle, Global Head of Cybersecurity and Information Resilience Services at BSI says: “When online you should always ask yourself – am I safe? Our reliance on devices is growing daily and the threats are expanding also. We need to be aware of what the risks are and learn how we can reduce them. The main threats we are facing currently are individuals and companies falling for a phishing attack and accessing unsafe websites and attachments, this is happening daily. Our top 10 tips are the first steps for those who want to become more secure online, to strengthen their resilience and protect their data – and we would encourage everyone to take them on board.”

“Cybersecurity Awareness Month lasts four weeks, but we want everyone to enhance their resilience all year round. We work with organizations to raise their awareness of cyber risks through training and we see many people who are unaware of what is safe and what isn’t. Attackers can be on a network for 146 days* before they are found, and you can imagine the amount of data they can gather during that time. Being proactive rather than reactive will not only reduce the risks but will increase everyone’s security posture for the future.”

BSI provides a range of solutions to help organizations address their information challenges covering cybersecurity, information management and privacy, security awareness, compliance and testing. For more information visit bsigroup.com/cyber-ie