When I was asked to write about my ‘personal perspective’ on cyber awareness, my first thought was: What comment could I possibly make, when I have never been impacted by a ‘cyber event?’
On reflection, though, cyber threats and defences permeate into multiple points of everyday life. From trying to remember the number of passwords I use online (password managers are a godsend), to making sure I don’t impact OpSec when I am gaming online, to even making sure that I haven’t shared too much on social media – modern life is complex.
Phishing attempts are becoming increasingly sophisticated, and we shouldn’t assume people are naive when they fall victim to them. Most people now will recognise that when a foreign ‘Prince’ emails them, offering sums of money, that there is probably something untoward. Yet will the same people recognise a spoofed link in a text that claims to be about a highly publicised government initiative?
We are naturally trusting, wanting to see the best in those around us and to be helpful – but unscrupulous actors want to engage in social engineering and take advantage of this.
Talking about these issues really shows that the modern insider threat isn’t usually someone who has been convinced to act against the interest of the State. Instead, it is someone who has given away information to a source they believed was genuine, and therefore created a gap in our cyber defences.
It is relatively easy to take preventative measures and develop good habits so that you don’t fall victim to this sort of crime. Search engines are your friend in this.
Always double check the accuracy of a link, and don’t follow one that you have received in an unsolicited text or email.
Another step is to be careful with how much you leave open on social media platforms, as it can make it relatively easy to guess information about you by piecing a few things together.
I hope this piece has given you food for thought, and will make you question the online material you receive, before you act upon it.