Image for post
Image for post
Credit: Tomasz Zajda/shutterstock.com

Small Cybersecurity Steps You Should Take. Today.

Mike Garcia, Acting Director, National Strategy for Trusted Identities in Cyberspace National Program Office (NSTIC NPO)

There’s no cybersecurity silver bullet. Be risk-based. Pick low hanging fruit. We’ve all heard lots of clichés about what it means to — here are some more — be cyber aware, keep a clean machine, even Stop.Think.Connect. The bottom line is that protecting online resources and information is difficult, it’s new and it’s rapidly changing.

Compared with other science and engineering disciplines, getting things done digitally is in its infancy. Relative to how long we’ve been building things like finely crafted bridges (think Roman aqueducts), protecting networks, computers and mobile devices is a brand new phenomenon. We’re making great progress, but in many ways we’re just starting to understand the environment … all while it keeps changing before our eyes.

As we start National Cybersecurity Awareness Month this year, we need to maintain the perspective that, even though we know that sometimes things will go wrong, individual users, businesses and their employees can all make a difference. And while we work together to solve information security concerns on a larger scale, it’s our daily actions that matter most.

In the thick of the day-to-day and with a continual barrage of bad news in the world of cybersecurity, it might be hard to see just how much progress we’ve made over the last several years. For example, 63 percent of confirmed data breaches in 2015 took advantage of leveraging weak, default or stolen passwords. But public awareness around the limitations of passwords is increasing and people are turning to multi-factor authentication (MFA) as a tool to secure accounts. A recent survey showed that 86 percent of people who use MFA feel that their accounts are more secure. And the number of websites offering MFA as an option is also increasing.

These improvements, more than anything, occur because every day, individuals — not just experts — take steps to do the right thing. Here are a few of the simple steps you can take to make a difference:

  • Close old accounts. If you don’t use them, close them.
Image for post
Image for post
The NIST Cyber Cat is very wise, and furry. Credit: Olga Bilevich/shutterstock.com/F. Webber/NIST

For many of us at NIST and everyone on the National Strategy for Trusted Identities in Cyberspace team, our everyday lives revolve around improving our society’s ability to deliver and consume services, to interact and share, and to do all that we do in our indispensable digital lives. We hope you’ll join us in recognizing National Cybersecurity Awareness Month by taking the time to secure your devices and data, and by encouraging friends and family to do the same.

Even taking these measures, things won’t always go right, but these are proven, effective ways to lower risk — the digital equivalent to checking your blind spot and wearing your seat belt. As with anything in life, doing the little things can make a big difference.

This post originally appeared on Taking Measure, the official blog of the National Institute of Standards and Technology (NIST) on October 7, 2016.

To make sure you never miss our blog posts or other news from NIST, sign up for our email alerts.

About the Author

Image for post
Image for post

Mike Garcia is an economist and Federal 100 award-winning cybersecurity expert. He’s currently serves as acting director of the National Strategy for Trusted Identities in Cyberspace (NSTIC) National Program Office and holds a Ph.D. in Agricultural, Environmental and Development Economics, an M.A. in Economics, and an MBA from Ohio State. Mike has been with NIST since 2011 and was previously with the Department of Homeland Security.

Written by

NIST promotes U.S. innovation by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store