KUALA LUMPUR (Dec 19): There are eight ways to strengthen ‘cyber-hygiene’ — or basic cyber security practices — which is key in preventing about 95% of security breaches that occurred last year, according to Deloitte Malaysia.
In a statement today, the firm said many of the techniques attackers used to successfully breach systems in 2018 remain the same as those used historically.
While it is impossible to conclude definitively that security breaches would not have occurred even if stronger security controls had been in place, these reports suggest that it is far too easy for attackers to succeed, it said.
“Cybersecurity practitioners have, for many years, been promoting the adage ‘it’s not if, but when’ organisations will be impacted by a cyber attack.
“With attackers adopting and deploying increasingly advanced and sophisticated tools, and organisations struggling to address cybersecurity challenges — not least talent and skill shortages — ‘if, not when’ is probably true for most organisations today,” said Ho Siew Kei, executive director, risk advisory – Cyber Risk at Deloitte Malaysia.
Ho said failure to observe ‘cyber hygiene’ leaves organisations vulnerable to security breaches.
“Recent research reveals that over 80% of breaches involved the use of weak or stolen passwords; as access to corporate networks and applications is increasingly through corporate mobile devices or employee personal devices under Bring Your Own Device schemes, poor cyber hygiene at an individual level does have a direct impact on enterprise security — and attackers are certainly leveraging on individuals as the entry point to corporate systems and data,” he said.
He added that attempts to steal banking or other login credentials from mobile devices are also on the rise; a common method is to deceive or coerce individuals into installing fake versions of popular mobile applications on, for example, the Google Play Store and Apple App Store.
Here are eight ways to improve overall ‘cyber hygiene’, to prevent such breaches:
1. Install security software on mobile devices
2. Avoid browsing questionable websites
3. Only download reputable mobile applications from legitimate sources
4. Exercise caution on social media
5. Use different passwords
6. Beware of phishing emails
7. Be careful when using public wireless networks
8. Consciously keep up with current security trends and threats