Hypori Supports Cybersecurity Awareness Month
Every October, the nation observes Cybersecurity Awareness Month. Established in 2004 by the President of the United States and Congress, this initiative brings together public and private sectors, along with tribal communities, to raise awareness about the critical importance of cybersecurity. This year, Hypori is proud to support Cybersecurity and Infrastructure Security Agency (CISA)’s Cybersecurity Awareness Month.
We asked some Hyporians what Cybersecurity Awareness Month means to them, and this is what we heard:
“Every month is Cybersecurity Awareness Month for Hypori. As a cybersecurity company focused on a zero-trust architecture that reduces customer attack surface, cybersecurity is in our DNA. From building security into our product from the beginning all the way through how we access our systems and how we protect our intellectual property, our entire company sleeps, eats and breathes security. However, since our employees are the target of a myriad of cyber-attacks (phishing, smishing, etc.), we have focused a great deal of training toward how to protect our employees not only at work, but also at home within their personal cyber ecosystems. Without that holistic approach, our employees are at risk and subsequently our company. It’s the intellectual supply chain that is often overlooked.” - Matthew Stern, Chief Security Officer (CSO)
“Cybersecurity awareness is about more than just learning how to spot phishing emails. It is about creating a cohesive security culture that encourages reporting and asking questions. It is also important to remind employees to work with intention and stress how security best practices are relevant in their professional and personal lives.”
“There's not enough time in a year for cybersecurity, much less a month. There's so much news surrounding cyberspace that it can be hard to stay apprised of the newest threats. CISA, National Institute of Standards and Technology (NIST), Defense Information Systems Agency (DISA), DoD-Defense Industrial Base Collaborative Information Sharing Environment (DCISE), and many others send out security alerts and warnings almost every day. Vulnerability releases and subsequent patching is the new normal. Security is a responsibility shared by all of us and staying informed is half the battle, the other half is updating all your applications regularly.” - Colby Gray, Cybersecurity Analyst
As part of the 20th annual Cybersecurity Month awareness program, CISA put together the following four simple tips that everyone can implement to improve their cybersecurity online.
Use strong passwords and a password manager:
For websites that only require passwords and no other form of authentication, make sure that the password you create is very strong. Strong password requirements include entropy, meaning length and complexity), not guessable or in a dictionary, do not follow a pattern, and are easy to remember.
If you have trouble remembering your password, leverage an approved password manager. Do not rely on autofill or browser-based tools. We do not recommend using the embedded browser-based password managers. In September, a group of researchers developed a Chrome extension posing as an artificial intelligent-based (GPT) assistant to exploit vulnerabilities in the text input fields of webpages to extract user-supplied passwords.Turn on multifactor authentication (MFA): Enabling MFA or even two-factor authentication (2FA) is building another line of defense on top of a secure password. Most online accounts, especially email, social media, and financial accounts, can layer in MFA or 2FA. Leverage this additional safeguard, use authentication apps or hardware tokens for added security.
Recognize & report phishing: Phishing emails, texts, and calls have become the leading vectors for compromising data in 2023. It's crucial to exercise caution when dealing with unsolicited messages or calls requesting personal information. Here's how you can stay vigilant:
Be Wary: Avoid sharing sensitive information or credentials over the phone or email unless absolutely necessary. Always verify the legitimacy of the request.
Don't Click Blindly: Refrain from clicking on links or opening attachments sent from unknown sources. Cybercriminals often use these methods to deliver malware or steal your information.
Verify Requests: When in doubt, independently confirm the authenticity of requests by contacting the individual or organization through a trusted channel. Don't rely solely on the information provided in the suspicious message.
Report Phishing: If you suspect a phishing attempt, promptly report it to the appropriate authorities or your organization's IT department. Timely reporting can help prevent potential security breaches. Update software: Keeping your software up to date is a cornerstone of cybersecurity. In 2023, it's more critical than ever to stay vigilant and ensure your devices have the latest security patches and updates. The reason for this is that cyber criminals often target outdated software and applications and operating systems that have known vulnerabilities. A safeguarding practice that you should get into the habit of doing is regularly manually checking that your devices have updated, even if you have set up automatic updates. By doing this, you can ensure that you haven't missed any critical security patches.
Additionally, consider using software known for its inherent security features. "Secure-by-Design," a concept coined by CISA, signifies that software products and capabilities have been designed with foundational security. For instance, Hypori Halo secure virtual device is built using a secure Software Development Life Cycle (SDLC). We conduct manual and automated security reviews during every development phase for every component of our architecture and ensure that we comply with Department of Defense (DoD), NIST, Health Insurance Portability and Accountability Act (HIPAA) and other security frameworks.
By leveraging these cybersecurity tips, you can significantly reduce the risk of falling victim to cyberattacks. These proactive measures are essential for safeguarding your digital world and ensuring that your sensitive information remains secure. For more information about Cybersecurity Awareness Month and how you can stay safe online, visit CISA's Cybersecurity Awareness Month. Together, we can create a safer online world.
