Top Ten Cyber Security Hygiene Tips

Cybersecurity Definitions Malware – malicious software that is designed to damage computer systems (viruses, worms, Trojans, and ransomware). Ransomware – malicious software that encrypts victims data and requests a ransom to be paid to decrypt data. Phishing – fraudulent emails that look legitimate, but are used to collect/reveal personal information (credit card numbers, passwords..)

Cybersecurity Statistics 1 in 13 emails contain malware Ransomware attacks rose by 36% in 2017 230k malware samples are created everyday 91% of all cyber crimes start with email 4k ransomware attacks occur globally each day

Why does it matter? December 2015, Ukraine power grid cyberattack 230 thousand people were left without electricity for a period from 1 to 6 hours The Equifax hack compromised 143 million social security numbers from the US. May 2017, ransomware attack shut down work at 16 hospitals across the United Kingdom. Atlanta ransomware attack in March has cost more than $5 million …and counting.

Everyone is a Target! Don't ever assume "It won't happen to me".  We are all at risk and the stakes are high – stakes being your personal and financial well-being.

Tip #1 – Avoid Phishing emails and phone calls Do not open email attachments or click on email links unless you are expecting that email – always be suspicious! Call the person that sent the email to verify that they actually did send it. Microsoft will not contact you when your computer has been infected with a virus nor that you need to change your password. Red Flag Words: account locked, suspended, verification required, suspicious transaction, protect your computer, funds due to you. Remember: It only takes one careless person to compromise the whole network/office.

Tip #1 – Phishing examples

Tip #1 – Phishing examples

Tip #1 – Phishing examples

Tip #1 – Phishing examples

Tip #2 - Update and patch your systems Update and patch your operating system (Windows/Mac), security software (anti-virus/anti-malware) and other software (Java/Office/Adobe). Enable auto updates, whenever possible.

Tip #3 - Anti-virus Use robust security products to protect your system against threats, ransomware, viruses, spyware, and other malicious code. Make sure that all of your systems (computers, phones..) are equipped with antivirus software and antispyware and are updated, regularly. Such software is readily available online from a variety of vendors. Configure all software to install updates automatically. Free Anti-virus software - Avast, AVG, Avira, Bitdefender, Check Point ZoneAlarm, Panda, and Windows Defender (for Win10 users)

Tip #4 – Backup! Backup! Backup! Regularly backup important data on all computers. Critical data includes word processing documents, electronic spreadsheets, and database reports that contain financial, human resources, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud. 

Tip #5 – Practice good password management Use long passwords – at least 8 characters or more is recommended. Use complex passwords – a mix of letters (upper/lowercase), numbers, and special characters. Never use the same password for multiple sites. Don't share your passwords Don't write them down and/or leave them lying around (especially not on a post-it note attached to your monitor or under your keyboard). Update your passwords, periodically, at least every 90 days for important accounts.

Tip #5 – Practice good password management Bad passwords: Password123 12345 fluffie123 Good passwords: L@nest@R100% P!kesPEEK%59 Great passwords: 6g7gCH&#W gtMZjYt%PC Use a Password Manager (Keepass, Dashlane, sticky password…)

Tip #6 – Protect sensitive data Keep sensitive data (e.g., SSN's, credit card information, student records, health information, etc.) off of your workstation, laptop, or mobile devices. Securely remove sensitive data files from your system when they are no longer needed. Always use encryption when storing or transmitting sensitive data. Free encryption software – 7-zip, Axcrypt, Bitlocker…

Tip #7 – Secure browsing for sensitive accounts Only use networks that you trust for banking, and online shopping. Do not use public Wi-Fi for shopping or online banking.

Tip #8 – Multifactor Authentication Use multifactor authentication when possible, especially on important accounts. Using multifactor authentication will greatly reduce your risk of being hacked.

Tip #9 – Monitor your credit and existing accounts. Check your bank accounts for unusual activity. Go to AnnualCreditReport.com to get your free credit report.

Tip #10 – Mobile device Security Lock your device with a PIN or password - and never leave it unprotected in public. If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it. If you keep sensitive information on a flash drive or external hard drive, make sure to keep these locked as well. Only install apps from trusted sources. Keep your device's operating system updated.

Cyber Security Challenges

Thank you! Questions? electionsecurity@sos.texas.gov

BACK UP SLIDES