Reading Time: ~ 4 min.

After surveying more than
10,000 people in 50 states about their cybersecurity habits, we wound up with
some pretty surprising results. Like the fact that tech experts demonstrate
riskier behaviors than average Americans. But the most significant result of
all was the fact that most Americans are more confident than they should be
when it comes practicing good cyber hygiene. So, we thought this would be a
good opportunity to highlight a few of the riskiest behaviors from the report and
suggest ways to correct them and minimize your chances of falling for a

Small business owners beware

  • The problem
    – It’s not easy being a home-based business owner. Also known as very small
    businesses (VSBs), they’re often too busy and stretched thin just running their
    businesses. They often lack the time and resources to do everything they should
    to protect their important business files from online threats.
  • Risky habits
    – Around 80% of VSB owners use the same device for both work and personal use.
    In addition, 71% use the same password for their personal and business
    accounts, putting both their personal life and company at risk.
  • The fix
    Owning separate devices for personal
    and small business use can be cost-prohibitive. But you can enforce better
    security by partitioning business files on your hard drive and creating a
    secure password to access those files. Make sure that password is different
    from any you’re using for personal use. Again, easier said than done in today’s
    world of password proliferation. If you’re struggling keeping track of all your
    passwords, consider using a password management app, especially for business

Knowing is half the battle

  • The problem
    – There is a gap between awareness and real understanding of cyber-related
    attacks. Most Americans can confidently explain phone scams but are not as
    equipped to explain malware or phishing. This indicates that Americans may not
    be as prepared to confront risks as they think.
  • Risky habits
    – Americans who never read the news are 70% less likely to recognize malware, phishing,
    ransomware or crypto-mining, and 51% less likely to be able to confidently
    explain these risks. Compare this with 89% of Americans who consistently
    consume technology news and can confidently explain common cybersecurity risks.
  • The fix
    Not everyone can afford security
    awareness training, but if you’re a business, consider the cost and
    consequences of a data breach to your business. Regular security awareness
    training can significantly increase your ability to identify and prevent a
    malware or phishing attack. If you’re a consumer or VSB owner, you can easily
    find free sources of cybersecurity news (like this one!). As the report shows,
    being a regular reader of tech news can significantly raise your awareness and
    reduce your risk.

Digital defense and immunity

  • The problem
    – One in five Americans say they’ve been impacted by malware in the past year.
    While 61% of Americans say they’ve not been impacted, 18% aren’t sure. And with
    only 32% of Americans who feel they understand cyber-related attacks, it’s
    likely that many more have been impacted and just don’t know it.
  • Risky habit
    – Many businesses and users haven’t updated their defenses. They haven’t
    updated their antivirus protection to include cloud-based threat intelligence,
    AI and machine-learning (ML). Or they’re failing to install necessary patches
    to plug holes in applications. And they’re still running obsolete operating
    systems, like Windows 7 or Server 2008, leaving them highly exposed.
  • The fix
    – For today’s advanced threats, you need multiple layers of protection,
    including advanced antivirus as well as backup. Having just one of these layers
    is not enough. Perimeter protection with AI/ML functionality is critical for
    identifying polymorphic code that changes with each device it seeks to infect. Backup
    is essential for mitigating phishing attacks and disaster scenarios.
    Cybercriminals can also identify outdated operating systems. So, it’s worth the
    extra cost to update them, even if the hardware they’re running on is still
    functioning normally.

Identity theft

  • The problem –
    Poor cybersecurity often leads to identity theft. Failing to wipe a device
    before discarding it is one problem. So is sharing personal information on
    social media and video streaming sites. The more hackers know about you, the
    easier it is for them to impersonate you online.
  • Risky habits
    – A quarter of Americans have had their identity stolen, including 8% who have
    been a victim of identity theft more than once. Twice as many people who use
    mobile banking apps have been victims compared with those who don’t. Across
    industries, those in technology, banking and automotive are most likely to
    become victims of identity theft.
  • The fix
    – Cover your tracks wherever you go. Erase
    the contents on a device before discarding it. Beware of the personal
    information you reveal on social media. And consider using a bank’s website rather
    than its app for personal banking.

Something phishy

  • The problem –
    We knew phishing was a problem. In fact, it may be even bigger than our results
    indicate. A lot of users don’t know how to identify phishing scams. You can’t
    protect yourself from threats you don’t see coming.
  • Risky habits
    – According to the report, 36% of respondents claim to have fallen for a
    phishing scam. But more enlightening is that only 35% claim to know how to identify
    a phishing attack. Similar to the lack of understanding about cyber-related
    attacks in general, the report seems to indicate that phishing is far more
    prevalent than the data indicate.
  • The fix
    Learn the tricks of the phishing trade,
    like bogus URLs and emails that ask you to confirm personal and banking
    information. Remember, bank logos can be easily faked. And banks won’t
    typically reach out to you for information they already have on file. If someone
    claiming to be from a bank contacts you by phone, call them back on an
    authentic customer service number from one of your banking statements.

Where to learn more

Want to read the complete 2020
state-by-state results? You can download a copy here. If you have any
questions about improving your cyber security habits, feel free to reach out to us.

The post 5 ways to reduce risky habits online appeared first on Webroot Blog.