Skip to main content

Watch our latest video: "3Q2023 Market Review and Outlook for 2023"

Security concept Lock on digital screen illustration

5 Best Practices to Curb Your Cyber-Risk

Photo of author, David Nolan.
David Nolan
Senior Investment Strategist

While cyber-attacks on familiar names like Target and credit reporting company Equifax have made headlines in recent years, cyber-attacks in 2019 have been plentiful and worldwide. Some examples include:

  • In January, Singapore's Ministry of Health (MOH) revealed a data breach involving 14,200 individuals. While the number may not seem all that serious, the nature of the incident certainly was -- given that these people were all diagnosed with HIV. An unknown hacker managed to steal the information -- alongside 2,400 of their contacts -- and the records were published online.
  • Facebook is a constant source of data leaks and security failures these days -- and an incident in April was no exception. Two AWS (Amazon) servers were found by researchers to store over 540 million records including account names, Facebook IDs, and user interaction data. The servers in question were owned by third parties and were not properly secured.
  • Another data breach in April involved the Georgia Institute of Technology. Georgia Tech said a vulnerable web application provided access to a database which stored the personal data of current and former staff and students. In total, 1.3 million individuals are believed to have been affected.
  • Yet another data breach in April involved automaker Toyota. The company has recently faced a barrage of intrusions across Australia, Thailand, Vietnam, and Japan, and in the last case, as many as 1 million customers and employees were impacted. Reports suggest that eight Toyota subsidiaries and dealerships were attacked, and hackers were able to access internal computer systems. Names, dates of birth, and employment information -- at the least -- were involved.
  • In the U.S., a data leak involving individuals seeking out rehabilitation for addictions in April also proved to be a serious breach of trust. An unsecured database stored 4.91 million records including patient names and the treatments they sought.
  • First American, a real estate and insurance giant, said in April that a data breach of critical severity had revealed 885 million documents. Dating back to 2003, these records included Social Security numbers, driver's license images, financial data, and transaction records. What made matters worse is that the information was available on the firm's website for anyone to steal.
  • In June, it was disclosed that information belonging to up to 9 million Quest Diagnostics patients had been compromised. AMCA, a billing collections partner, was at fault. A hacker managed to access the firm's systems; and it is possible that financial information, Social Security numbers, and medical information has been either exposed or stolen outright.

    Best Practices
    With cyber-hacking becoming an almost daily occurrence, what can we do as individuals and companies to protect ourselves? Here are five best practices to consider:

    #1 Password Management
    Creating a strong password is a simple thing to do, yet it’s often overlooked in lieu of more complex technologies and practices to protect a system. However, a strong, unique password is not only a great first step in cybersecurity, but it’s the simplest, easiest way to prevent unauthorized access to a system. For the highest level of protection, passwords should have no fewer than eight characters (a mix of upper and lowercase letters, numbers, and symbols) and should not include words that would normally be found in a dictionary. Consider using passphrases, such as a made-up sentence, to help remember increasingly complex passwords.

    #2 Device Deployment
    A second cybersecurity best practice to adopt is very straight-forward: Follow manufacturers’ recommendations for how devices should be deployed. Don’t cut corners to save time or money when it comes to deploying new devices to employees.

    #3 Updates and Patches
    Another simple but often overlooked step in cybersecurity is keeping device firmware and software up-to-date. Updates provide patches against security threats that may exist, as well as patches for bugs in the software.

    #4 Secure the Ecosystem
    All devices and systems are part of an overall ecosystem, so securing the network and everything that connects to it is another step toward maximizing cybersecurity.

    #5 Ongoing Management and Maintenance
    Cybersecurity is not a one-time consideration; it’s an ongoing process. It’s critical to continually engage in password management, proper device deployment, system updates and patches, and to replace components that may no longer be supported by the manufacturer. It’s also important to look at components that may wear out over time, such as hard drives, workstations, laptops and even IP cameras that may be vulnerable to hackers.

    Despite the likelihood that we will all experience a cyber-hack at some point, it is possible to lessen the odds of becoming a victim. Consult with a professional IT company for questions and concerns. For more details on cybersecurity practices, check out this Security Magazine article.


Related Insights
I Stock 1295819327 Spangler Blog USE

Do You Know the 80/20 Rule in Homeowners Insurance?

Have you heard of the 80/20 Rule? The 80% Rule is an insurance industry standard that stipulates policyholders must carry enough homeowners insurance to cover at least 80% of their home’s replacement cost. If a policyholder’s coverage falls below 80% of the home's replacement cost, the policyholder becomes a co-insurer in their loss, which can be a significant financial burden. Learn more

Read More
FDIC Blog Banner Image

How is My Money Protected by FDIC and SIPC Insurance?

FDIC and SIPC insurance provide important protections to individuals and businesses in the banking and securities industries, respectively. FDIC insurance offers coverage for deposits at FDIC member banks, protecting the principal amount of the deposit in case of bank failures. SIPC insurance provides limited coverage for securities and cash held by customers of failed brokerage firms, helping to facilitate the recovery of assets in case of insolvency or fraud. Learn more.

Read More
I Stock 500879336 copy USE

Finding the Right Insurance Agent

Protecting your home and auto assets is an important piece to your LifePlan. But finding the right Homeowners and Auto insurance can seem overwhelming. Do you just go with what's easiest and choose someone you know? One way people navigate this complexity is by talking with an independent insurance agent. Independent agents are licensed to sell insurance products from multiple companies instead of being direct employees of just one company. Learn more.

Read More