Cyber Hygiene: How to Clean Your Online Presence

In 2000, Chinese hackers began a nine-year assault on telecommunication giant Nortel. Hackers used remote access and automated software to generate a large number of password guesses to eventually break the credentials of seven executive team members. The hackers successfully obtained critical reports, research and development materials, employee emails, and strategic information. Unfortunately, Nortel’s top executives neglected to secure their network and eventually declared bankruptcy in 2009. As Nortel disintegrated, Chinese telecom Huawei grew, with some speculating Huawei’s rise was at the expense of Nortel.

Nortel’s downfall raises awareness of the devastating consequences that are the result of a cyber-attack. However, there's a growing tendency to generalize cyberattacks as simply “cyberattacks,” leaving us numb to the term rather than educated. This makes all cyberattacks seem like nebulous boogeymen. In fact, there are many different types, and taking these threats seriously is the first step in preventing them.

Everyone must evaluate their online behavior and become hyper-vigilant about their cyber hygiene, the measures taken to ensure one’s health and safety online. Cyber hygiene begins now, with improving passwords, enabling two-factor authentication, being aware of AI-related cyberattacks, and routinely scrutinizing potential online threats.

Business leaders must invest time and money into their organization’s cybersecurity strategy by first training employees to maintain good cyber hygiene. Many executives and board members are hesitant about spending millions on cybersecurity. However, cybercriminals take $400 billion per year from companies, and much of that theft goes undetected. Technological solutions are simply not enough to prevent a cyberattack. Making employees aware of threats is crucial.

Here are three things companies must do to immediately implement an adequate cyber hygiene program:

Set the tone at the top

1. Executives are responsible for setting the company culture. When they support a cybersecurity initiative, the company follows.
2. A CEO who takes cybersecurity seriously will influence his or her employees to do the same.

Make cybersecurity a part of the office conversation

1. Discuss cybersecurity measures regularly. Learn from Nortel’s mistakes and make employees aware of the dangers.
2. Create a best practices document with instructions for changing passwords every 90 days, updating antivirus software and other apps, protocols for downloading third-party apps on work computers, etc.

Understand and limit access

1. Know which employees have access to workstations and keep this information up to date (expired accounts are targets for hackers).
2. Minimize attack exposure by limiting access to only those who need it.

Personal cyber hygiene is equally as important. Business and personal information are intertwined, and it is nearly impossible to untangle the spider web when a cyberattack occurs. Many people manage their work and personal lives on the same smart device. Protecting one’s cell phone is just as important as protecting one’s work computer. It is essential to know what apps are on smart devices, what personal information they require before downloading, and what the potential risks are in having those apps. Scrutinizing emails for suspicious activity on phones and home computers is also important. Essentially, any cybersecurity strategy employed in the workplace carries into the home and impacts personal devices.

It's time to be more cautious on the internet. Technology has come a long way and the most reliable security guard for your information is you.