Five Things You Can Learn About Cybersecurity from the Recent National Order
Updated: Jun 22
In May, the Executive Order on Improving the Nation’s Cybersecurity (referred to in this article as the “National Cybersecurity Order”) was signed. If you have followed the news lately, you know that cyberattacks on the nation’s infrastructure are escalating. You probably won’t be surprised to know that cyberattacks on individuals are increasing as well.
The National Cybersecurity Order contains recommendations for what the government needs to do to improve its defense against growing cyberthreats. As individuals trying to protect ourselves from fraud and identity theft, what can we learn? Let’s look at a few highlights that can be applied in your life to protect your money and increase your peace of mind. First, here is a little background.
The Order starts by stating: “The United States faces persistent and increasingly sophisticated malicious cyber campaigns.” No one can argue with that. We are all facing persistent and increasingly sophisticated cyberattacks and scams. How many email scams and robocalls do you receive every month?
Next, the Order says the government must “improve its efforts to identify, deter, protect against, detect, and respond to” the actions of these cybercriminals. We agree that these are great goals for the government and for everyday Americans. Here are five (5) things you can do based on the government recommendations to help stop cybercrimes.
1. Remove Barriers to Sharing Information
The first substantive section of the National Cybersecurity Order discusses breaking through some of the red-tape that different government agencies face related to sharing threat information. We all face barriers to sharing threat information. Two common barriers that Americans face related to sharing cyber-fraud details are:
Embarrassment about being a victim of fraud, and
Uncertainty regarding how to report cybercrimes.
Americans need to overcome their embarrassment and fear if we become a victim of a cyber-scam. According to Statista, over 37% of Internet users in the United States have been a victim of bank card or online banking fraud. If you are a victim, then you are not alone.
We also all need to know how to report cybercrimes. Criminals want to steal your money and get away with it. If you don’t report the crime, then they will. The government Website that helps you report cybercrimes and scams can be found here: https://www.usa.gov/stop-scams-frauds. Another good step is telling a trusted contact about the cybercrime to get help if you need it.
2. Modernize Approach to Cybersecurity
Next, the National Cybersecurity Order states that the government must adopt modern security best practices. Change is hard, and many of us have probably been following the same habits related to personal cybersecurity for the past 5 years. It is likely time that you should adopt some new best practices to protect yourself from cybercrimes.
When was the last time you changed your passwords? Do you always use a VPN when using public networks? Are you using automated alerts from your bank to keep you informed? For a free checklist with some modern security best practices, visit https://www.guidechange.com/free-guide-download.
3. Enhance Software Security
The National Cybersecurity Order discusses how the security of the software that the government uses is vital. We all rely on software to perform more of our daily routines today than we did a few years ago. Therefore, we need to make sure that we use software from reliable vendors. Terms and conditions of software companies are notoriously long and difficult to understand, but you still need to realize what you are risking by using the latest app or social media tool.
What if your information was being sold to partners of the free app or social media company? Sadly, it probably is. As the saying goes, if you are not paying for software, then you are not the customer. You are the product, and your information is being sold to others. Make an effort to understand how a software company makes money and uses your information. Also, think twice before posting detailed personal information that can be used against you by cybercriminals.
4. Establish a Cyber Safety Review Board
The government is directed to form a board that will review threats make recommendations. OK, so it may be a bit too much for each of us to form a review board of experts. But, we can still learn from the experts. Make it a habit to read one new article or book per month that can help you improve your personal cyber safety. To get you started, here is a recent article by PC Magazine: https://www.pcmag.com/how-to/12-simple-things-you-can-do-to-be-more-secure-online.
5. Standardize Playbook for Responding to Cybersecurity Threats
The National Cybersecurity Order also recognized that there was a lot of inconsistency regarding how parts of the government identified and recovered from cybersecurity vulnerabilities and incidents. People can be inconsistent as well, and very few people are likely to have a playbook for responding to threats. What could you do to create a standard playbook for how you will reduce vulnerabilities and recover from cybercrime incidents? To get started, here are a few ideas of what to include in your personal cybersecurity threat playbook.
Make a backup of important documents and data and keep them safe
Investigate any suspicious activity
Determine if you have any losses
Report incidents to authorities and notify anyone else who may be at risk
Keep documents and write down details regarding the incident
Investigate procedures for restoring your security
Change passwords on vulnerable accounts
Write down lessons learned to minimize future risks
The National Cybersecurity Order is a timely reminder of the threats that we all face from cybercrimes and fraud. It outlines several steps the government is taking to reduce risk, and there is a lot that we all can learn from these national cybersecurity recommendations. For more information regarding improving your personal cybersecurity, please visit us at GuideChange.com.