Newsletter Edition May 2021
For some, it is no more than a nuisance. For others, it can be life altering. Cybersecurity means different things for different people in different situations. For a regular citizen like you or me, it could be about ensuring that your credit card is not stolen when you do online shopping or that you can do online banking safely. For a public figure like Hillary Clinton, it was about carrying government data in a personal computer that was hacked. For a small business like your favorite coffee shop, it is about ensuring their payment system puts the money from debit or credit card payments in their own bank account. And for a big business such as NIKE, it is about overseeing smooth performance of their purchase and distribution systems with their customers and their global suppliers.
Simply put… Cybersecurity concerns with the protection of systems that store, process, and send/receive digital data. According to experts, cybersecurity is achieved through the CIA triad: Confidentiality, Integrity and Availability.
Let’s see how they play out in the scenarios above.
- When we do online banking, we do it because we trust our bank has some way to ensure that our private information is not disclosed or hacked. That’s about Confidentiality in cybersecurity.
- In the small business scenario, the owner must ensure that the amount of money received is not modified in any way during the process of moving it from the payer to the bank account. That’s about Integrity in cybersecurity.
- How would you feel if you wanted to buy online a pair of NIKE shoes for yourself or for a gift during Christmas and you couldn’t access their website? You might instead go to the ADIDAS’ or PUMA’s websites depending on how much of a rush you are in! That’s called Denial-of-Service Attack and it’s about Availability in cybersecurity. In the case of Hillary Clinton… by storing government data in personal computer, confidential information got hacked, the integrity of the data was violated, and it was made available to non-authorized users… the real CIA got involved and you know the end of the story!
All in all, criminals can launch cyberattacks to steal money, credit cards, passwords, SIN numbers and much more personal and corporate data. What can we do about it? First, knowledge is power. Second, action should follow. To wrap up the basics, here are 3 more pieces of knowledge for your cybersecurity repertoire:
- Cybersecurity goes beyond the traditional computers. Those of us who were born before the computers used to think that the internet was about desktop computers and later on, laptops. Well, things have changed a bit! Now we have “the internet of things”, which is language that probably resonate more with those who were born after the computer. Have you made a list of all the devices that you have connected to the internet these days? Laptops, phones, iPads, games, etc. That’s what the internet of things is about, which as you may imagine poses challenges to cybersecurity.
- Cybersecurity is threatened by social media. Not only devices, but also social media has also transformed the world of information. And that is because of the amount of people now accustomed to sharing far more about themselves than ever before, often with audiences far larger than before. Have you reflected on the kinds of conversations and information you and your family post on Facebook, Twitter, Instagram and other social media platforms? If one of your passwords is the maiden name of your mom and you mention her in Facebook as part of an informal conversation, chances are that a hacker who is paying attention can figure it out.
- Cybersecurity needs to be talked about at the dinner table. Speaking of you and your family… do you have one wi-fi for all members of the family? Or have you thought about separating users in different wi-fi networks? For example, one for your guests, one for you kids who are constantly connected and one for you and your partner who need to remotely access files from your office. Knowing what we know now about cybersecurity, investing in the latter might be a good idea. It will help you protect private work-related information from being hacked through your kids’ social media usage, for instance. And if you can establish some rules around it, then you are exercising what is now known as Cybersecurity Hygiene.
In terms of action, here are some recommendations from experts:
- The low hanging fruit…
- Hire technical experts to design and install your home and office networks. If possible, set different networks for different purposes and users
- Use antispam software in any device on which you read email
- Keep your devices updated
- Back up your data regularly
- Ensure data in the cloud has a secure password.
- Avoid using public wi-fi as much as possible.
- A bit more effort but worthy…
- Do some homework to figure out which online businesses are reputable.
- Use disposable virtual credit cards, if your bank offers such service
- Use services like PayPal, Samsung Pay or Apple Pay to make online payments without having to provide your credit card number each time.
- Get in the habit of using Passphrases for your passwords as opposed to using long random passwords that are difficult to remember – that’s the new trend!
- Establish rules about the use of technology in the house and office
- Engage in conversation with your family about how cybersecurity hygiene will be practiced in your home. Here is a list of topics to get you started:
- Not clicking on links on emails
- Creating passwords for all devices
- Closing and logging out from websites after finishing surfing
- Understanding what can and cannot be safely shared in social media
- Practicing healthy skepticism, in other words, thinking before posting
- Add more as you see fit and as your acquaintance with the cybersecurity language grows.
If you think of cybersecurity as you think about your own health, then use this quick overview to empower you just to start forming a new habit rather changing several things which is overwhelming. At the end of the day, the healthier the habits you have, the more enjoyable life is… and a similar mindset should apply to our engagement with technology at work and at home.
If you are interest in a deep dive on this topic, here are some suggested readings:
- https://www.getcybersafe.gc.ca/en/home This is a national public awareness campaign to inform Canadians about cyber security and the simple steps they can take to protect themselves online.
- Social Engineering: The Science of Human Hacking by Christopher Hadnagy (2018)
- The Cybersecurity Playbook: How Every Leader and Employee Can Contribute to a Culture of Security by Allison Cerra (2019)
Assante Capital Management Ltd. Is a member of the Canadian Investor Protection Fund and is registered with the investment industry Regulatory Organization of Canada.
This material is provided for general information and is subject to change without notice. Every effort has been made to compile this material from reliable sources however no warranty can be made as to its accuracy or completeness. Before acting on any of the above, please make sure to see a professional advisor for individual financial advice based on your personal circumstances
Prepared by The Andrews Group in collaboration with Dr. Sayra M Cristancho, PhD., Scientist and Producer of theResearch in 90sec’s podcast (listen in Apple Podcast or Spotify)
“The Andrews Group recognizes that their clients have a broad range of interests that are important to them.
Client Curiosity Sheets (CCS) are offered by The Andrews Group to complement the Education Series. We aim to provide a quick synopsis of topics that clients care and are curious about. If you have a topic you would like to learn more about, let us know at mandrews@assante.com
