Here are his top tips for you and your organization from Scott Klososky.
Improving Personal Cybersecurity
Use a Strong Password on Every Site: Use passwords that are long and contain a variety of letters, numbers and characters. Also, never use the same password on two different sites. If a site gets breached, and your password is compromised, wherever else you use that password is vulnerable as well.
Never Answer Security Questions Legitimately: When a website asks you to fill out security questions (e.g. Where were you born? What is your mother’s maiden name? What is the name of the street you grew up on?) do not give a legitimate answer. Make something up, even if it is gibberish. The true answer is likely floating around online somewhere or can be accessed by someone determined to find it.
Don’t Overshare Online: Be careful what you post. This information can be used against you, whether it’s to break into one of your online accounts, impersonate you, or discover your whereabouts to harm or rob you. We live in a society today where it’s difficult not to share online. Be cognizant of what you post and understand it could come back to harm you.
Regularly Monitor Bank Accounts & Credit History: Keep a close eye on your financial information. Especially now. Look for anomalies and report them right away if you see anything out of the ordinary.
Don’t Do Sensitive Transactions on Public WiFi: When you use public WiFi, people can see your online movements. They can gain access to information, such as a password or bank account information, if you access it while connected to an open WiFi.
Improving Organizational Cybersecurity
Keep Patching & Updates Current: As the Equifax breach proved, patching and updating is critical. When a patch is released, it’s like a timer for the bad guys. They know there is a vulnerability and they are working to discover places where they can exploit that vulnerability.
Encrypt & Segment Sensitive Data: Not all data is the same. Sensitive data, such as personal identifiable information, should be treated with greater caution. Use the rule of least privilege. Only allow enough people access to data that they need, so they can do their jobs, nothing more. Also, ensure all sensitive data is properly encrypted.
Be Wary of Third Party Access: Too many times we’ve seen breaches come at the hands of – not organizations – but their third-party vendors. When a third-party vendor has access to your data, your data is only as safe as their cybersecurity. When you’re handing over data or access to a third-party, ensure you fully understand their cybersecurity practices and the responsibility they will carry in the event of a compromise.
Use Multifactor Authentication: Your data should only be accessible through at least two different methods of verification.
Be Vigilant With On Premises Security: Physical on-premises security can be an important, and sometimes overlooked, component of cybersecurity. You must monitor physical access, be wary of strangers or people in uniform, look out for “tailgating” (in which individuals will try and sneak in a door without a badge), and never insert an unknown or foreign USB or external drive into a computer.
Team Member Training & Testing: Conduct regular cybersecurity training with team members and test them using a third party who can provide phishing, spearphishing, and/or social engineering testing.
ABOUT SCOTT A KLOSOSKY
Scott Klososky, a former CEO of three successful startup companies, has no fear about shaking up the status quo around the way we build teams and set powerful directions. His programs are known for delivering fresh observations, ideas, and practical steps that organizations can use to restructure groups, create effective strategy, and apply technology that’s full of impact. His keynotes are riveting and his workshops instill new concepts that can be applied immediately to maximize results.
Scott hit the ground running fresh out of high school, where his job as a delivery boy was a spring board into the world of technology. He became division head of computer sales, and then purchased that division as his own company. It was eventually built into a twelve store operation in three states.
His next endeavor was as Founder and CEO of Paragraph, Inc., a Soviet/American joint venture founded in 1988, despite international tensions. Half of the company was sold to Silicon Graphics and the other half is still expanding today (Parascript, Inc.). Scott then collaborated with H.R. Haldeman to publish his diaries of his years as an aide to President Nixon, which was a bestseller (Putnam Publishing) and involving Sony Interactive in the release of a companion CD-ROM.
The evolving internet ushered in a world of opportunity for inspiring pioneers, and Scott was not left behind. He was Founder and CEO of webcasts.com, an early producer of webcasted media ranging from corporate and government communications, to sporting events and entertainment. His expertise in leadership and his creative approach to business direction, inspired Critical Technologies to hire him as a turnaround CEO, where he completely rebuilt the underlying products and brought the company to profitability. Today, Scott shares his unique perspectives on technology, business culture, and the future, with audiences and organizations all over the globe.
To have Scott Klosoky speak at your next event on cybersecurity, call 515-974-8305 or email firstname.lastname@example.org