Many people around Houston are seeing physical security measures taken to protect the players and attendees for the Superbowl. What you can’t see is the cyber nets of both the good guys and the bad guys. You need to take a few steps to prepare yourself if you are attending the festivities or parties with friends and neighbors.
You see, it’s not only large corporations that have been victims of data breaches in recent months — Target, Home Depot, LinkedIn, Yahoo!, ADP, Verizon (Enterprise), Sony, Anthem Insurance and even the DDoS (distributed denial of service) incidents around the United States have heightened awareness of vulnerability. But we predominantly consider examples such as these in industries rather in our homes or on our portable devices while home and abroad. Many people say they are risk adverse until they have doors open that share new and potentially frightening information.
In the interest of safety, I’m not sharing details either confirmed or suppressed as part of this event (or other National Special Security Events, NSSE, that I’ve worked). What I want you to realize is our connectedness electronically and the Internet of Things (IoT) opens portals of vulnerability that are not protected until it’s too late simply because we don’t consider what’s incorporated into our every day lives.
Communication is the first key to maintaining your relationships both with your business’ brand integrity and reputation and also with your personal network. There are separate things to consider for business versus personal messaging that contribute to successful “asset protection” (in the parlance of security experts).
Follow corporate best-practices when celebrating large events, because it’s quite realistic that your mobiles are under electronic attack. Know how to respond appropriately, use expertise benchmarks and don’t over-react.
1. Preparation messages about expectations are essential. Your family and friends should understand when you take steps to limit liability; your clients for corporate endeavors expect it. Being transparent and authentic is trendy on your social media accounts, but it has reverberations that echo throughout your life when you over-share as thieves admit.
Action item: Turn off “air drop” on your mobile devices as well as auto-link to wifi. If you really need to share something, use your personal connection via your cellular service provider and pay for that security rather than floating off of a general free wifi. Hackers love people who skirt the system to save a buck because it leaves them open doors to take your information.
2. Timing of messaging is nearly as critical. Law enforcement personnel are amazed at people who post vacation pictures while on vacation. As in the previous step, the timing of your posts is critical - and you don’t need to be distracted at your event to post something “telling” others what a great time you’re having (plus it gets lost in the professional posts). This applies when attending a party or the Superbowl, or when traveling internationally.
Action item: Share your best photos after you’re home as that’s when it will receive more attention (and you have time to pick the best image without having typos in the caption).
3. Think about your infrastructure as well as communication. Frequently, we consider governmental utilities as being targets for public disruption. But if you have “cut the cord” for your home phone service, internet or even dropping cable television, you have also severed a backup that, while it uses older technology, is not as “sexy” for breaking and entering into your private life.
Action item: Pay the few dollars to have the old telephone landline reintroduced to your home. You can pay for access to the basic service and the ability to make long distance calls without using it until there's an emergency. It’s crazy cheap and a solid way to make sure if your cell phone or computer are hacked (or have a water incident while at a Superbowl party) that you can still handle your business as well as not have your family worry when they cannot reach you. Make sure to put the number on the National Do Not Call list! In addition, don’t give everyone your home internet password; create a guest system with its own password, which will not impact the speed of your own devices—if you’ve disabled your network from broadcasting its name publicly, that makes it even better protected, so think of a non-standard name for the network, too.
4. Determine how your home devices leave doors open. Being able to turn on your lights while out of town is neat, but what if Phillips’ Home system for your lightbulbs was hacked so they can track who’s away? What if your Alexa with Echo or Ok using Home eavesdrops for unwanted listening? What if the elevator at your hotel was hacked, causing you to be trapped then monitored by CCTV? Root-cause analysis (stemming from Six Sigma lingo and other engineering processes) really helps you understand how to take this review as to what electronics are smart in your home to the next level as you look for other weaknesses in your processes so you aren’t one of 500,000 people unwittingly helping take down the internet.
Action item: Begin by isolating a list of devices that connects to anything. Research the home device market, just as you did when you bought your car. Find out who provides routine security updates, if they have algorithms for only activating when you specifically engage the device and how often they release software updates—yes, this is now for your refrigerator, too.
5. Ensure your systems are isolated from ongoing attacks. This last item may be the most simple, which is why it’s the most frequently overlooked step. Creating a non-standard password is a direct step that many people fear because they may not remember a series of numbers, letters and special keys; they’d rather use the name of their pet and house number. Anyone looking at your social media accounts can guess and hack their way into your life when you are lazy about security and use it for nefarious purposes.
Action item: You lock your doors; you should also put a unique robust password that is different for every website and every device. It’s that straightforward.
The last key in preparing a strong defense against an electronic infrastructure offense includes waterfall issues. While you don’t have to take steps like the government and pay hackers to try to break your personal (or professional) systems, staying up-to-date with reading from topical magazines is smart. They are paid a small subscription fee to deliver to you all the bad news and potential solutions to keep you ahead of the crowd.
You are an executive because you know that every company today should have an information-oriented incident response plan, but you also realize the facts: according to Symantec, 43% of all cyber attacks in 2015 were targeting small business and 60% of those companies were unable to sustain their business after an attack per the U.S. National Cyber Security Alliance.
Take the right steps before someone else “becomes you” with unfettered access to your home, your wallet or your business. It will make Sunday’s game and your life much more enjoyable with increased security.
PS: Make sure your kids follow these action items, too. If they thought cleaning their room was bad, not having devices with internet would just be awful.
Heather M. Hilliard is Principal and Chief Strategist for R. Roan Enterprises, LLC, a professional services consulting firm supporting businesses in pointed areas of expertise as well as with individuals for targeted projects or career development. For more articles like these, visit her posts on LinkedIn or on G+.
#seizetheday, #makeithappen