October is National Cyber Security Awareness Month. Started by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance, the month raises awareness about the importance of cybersecurity, as described here.In October and year-round, members of the InkHouse Security Practice spend our days, in large part, raising awareness for companies, technologies and people doing noteworthy things to solve some of the world’s most pressing cybersecurity problems.
We deeply value the role of the media in shaping a more secure future. The reporters and editors we work with are so steeped in cybersecurity knowledge, covering the issues day in and day out, we decided to ask a few of them, "What is the top security tip you apply to your own life?"
We’ve certainly benefited from hearing their responses and we think you will too. In the spirit of knowledge sharing as National Cyber Security Awareness Month comes to a close, here are five security tips from our journalist friends. Many thanks to Scott Matteson, Shannon Vavra, Kelly Jackson Higgins, Curt Franklin and Sara Peters for their sage advice.
"In a nutshell, my top security tip is to never use the same password twice. I use a great program called KeePass which stores all my passwords and I can just copy/paste them into a web site to log in.
I know it's a very common trend to use the same password for everything, but it's putting all your eggs in one basket. I subscribe to the principle of one egg per basket.
This means if one bank account is potentially compromised I don't have to rush through a flurry of password changes, but just deal with the one account." -Scott Matteson, contributing writer, TechRepublic
“The best way I stay vigilant about my own cybersecurity is by being paranoid -- I try to never blindly click on any link or attachment emailed to me. If I’m skeptical about an email or attachment, I run the links through test portals that tell me whether or not it is malicious. I also never conduct any sensitive activities, such as banking, on public Wi-Fi networks or on others’ devices.” -Shannon Vavra, reporter, Axios
“Always VPN.” -Kelly Jackson Higgins, executive editor, Dark Reading
VPN defined: A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The best VPN services of 2018 can be found here.
“The whole Dark Reading team travels with our own personal secure hotspots so we never have to connect to public WiFi,” adds Dark Reading Senior Editor Sara Peters. “We all use multi-factor authentication whenever and however possible.”
“I encrypt like mad,” says Dark Reading Senior Editor Curt Franklin, including his entire hard drive.
For more info on what encryption is and how it works, check out this article.
“I’m the resident privacy rights nut, so I generally say ‘everyone and everything is on a need-to-know basis, and nobody needs my 24/7 location data.’ In other words, I’m not going to let any and every app use my location, send me push notifications, access my photos, access my microphone, operate in the background, make changes, etc.
Every time I buy a new device I go through ALL the settings looking for things that would enable the manufacturer or an attacker to take too many liberties with my device or my data. If I can limit ad tracking, say no to cookies, decline to fill in certain fields on a form, I will.
When people act unconcerned about security and say ‘I have nothing to hide,’ I’ll say ‘but I might, and I’m in your contacts list.’ (My other responses are ‘…yet!’ and ‘You only think you don’t have something to hide, because you’re thinking like a good guy, not a bad guy.’)
I have a dumb home – not a smart home – and I don’t even like talking to someone on the phone who has an Alexa.
I have five security apps on my iPhone alone, and I’m not convinced that’s enough. I do NOT use Messenger; I do use Signal. I don’t use Venmo, and on the few occasions when I’ve been forced to, I’ve given no genuine details of the purchase: I’ve said ‘hiding the bodies,’ or “I know, he knows, nobody else needs to know.’
Also, I just use paper.” -Sara Peters, Senior Editor, Dark Reading
To learn more about InkHouse’s security practice, please contact firstname.lastname@example.org.
For the past 13 years, Tiffany has helped tech innovators – both emerging-growth and established companies – to differentiate themselves and succeed in competitive markets through targeted and aggressive integrated communications programs. Her expertise spans markets such as cyber security, cloud computing, enterprise software and renewable energy. Tiffany has led the PR efforts of more than a dozen IT security companies, leading to numerous acquisitions. She has a B.S. in Public Relations from Boston University’s College of Communication.