Cyber security starts with you, and because of that, I believe we should follow some cyber security commandments. I have written down 10 cyber security commandments that I use in my daily life. These commandments help me add layers of security that, in turn, make it hard for cybercriminals and data-miners to lure me into their traps.
As I was writing this, I quickly noticed that you do not need technical skills to follow the commandments. It all comes down to being aware of the options, and knowing how to use those options.
10 cyber security commandments
The 10 commandments are easy to follow, and I would suggest that you print them out, or take a screenshot, and recite them to yourself each morning as you wake up. You will get bored and tired of reciting these commandments. You will quickly notice how simple they are. Once that happens, you can consider yourself a cyber security warrior.
- I shall not share my credentials with others
- I must not click on suspicious links
- I refuse to provide sensitive data over HTTP
- I will verify information via a second route
- I decline to utilize computer systems when tired
- I will perform security updates on the systems I use
- I will read the manual of the service/product that I am going to use
- I will take the time to configure the service/product settings
- I will utilize default security solutions like an anti-virus, ad-blockers and password managers
- In case of a ‘cyber’ emergency, I know who to contact or which steps to take
Explaining the commandments
I have written down the reasons why I think these commandments are important. Let me know what you think.
If you share your credentials with others, you open up the possibility that your credentials will be used against you. You can lose access, trust, finances and even your identity. Always ask why that person needs your credentials, and ask why they don’t have their own credentials.
Cybercriminals try to lure you into their traps with every method they have available. Most of the attacks are still effective because unaware people click on links that lead to malicious sites. You can copy and paste the link into VirusTotal, and VirusTotal will do a quick scan to see if the link is evil or not.
HTTP is a highway which is visible to everyone. If you are on that highway, I can look into your car, and I can see exactly what you are doing. I can see where you are heading, and I can see what you have stored in your trunk.
Once you use HTTPS, the highway will transform into a secured tunnel. Before you can enter that tunnel, a gate will make sure that nobody is in that tunnel. Once that has been confirmed, you will be allowed to travel through the HTTPS highway tunnel.
Snooping on HTTP traffic is very easy and the methods are accessible to a lot of people, so make sure to use HTTPS, as it will make it harder for anyone to snoop on your data.
Everything on the web should be considered fake until verified. You can verify a lot of information by yourself. You can use multiple resources which cover the same topic, but you can also use the physical library. If you get an email which states that you need to do X for person Y, then simply follow up on that email by contacting that person by phone. Do not use the phone number in the email, but use the contact info you already have stored in your contacts list.
If I am tired, the chance is higher that I will make a mistake, or that I will miss something. C’mon, you are a human being. If you are tired, get some rest. The system will still be there in 30 minutes. Take a power nap in those 30 minutes.
Updates and patches must be applied, and the reason is simple. Somebody has found a mistake or an improvement in the product, and they want you to have the latest secure version of that product or service. Why would you say no to a better and more solid house? Exactly.
Most of the products and services we use are ‘plug-n-play’, but the vendors often do provide additional steps in the manuals. These steps inform you on how to configure the system or service, and how to set up the configuration. A great example of this is the products which come with a default username and password. Read the manual, and configure the product or service that you are using.
I believe that you are Rambo, you are untouchable, but even Rambo used weapons and gear. These security solutions are your weapons. They add an extra layer to your defense system, and most of the hard work is done by the security vendors. You just aim and shoot.
OK, you did all of the above, and still something happened. Do you know who to contact? In an emergency, it is important that you contact the right people, and that you know where to go. Take a look at your environment, and see if you have this covered. Set up a recovery email address, or create a short top 10 list of cyber emergency locations. For example, the police should be on that list.
Extra commandment: I will subscribe to the YouTube channel, but it will not be my only source of info. Likes and shares help the site to grow. If you think I left out some info, then please do let me know in the comments.
Do you have any new ‘cyber security commandments’?