7 Security Tips to Wrap Up Cybersecurity Month

In the spirit of DNSFilter’s 7th birthday, and the close of Cybersecurity Awareness Month, we did something brave. We asked our Security team for their very best cybersecurity tips—then watched as the slack channel flooded with messages. They offered up a ton of really great advice, but we went ahead and narrowed it down to a reasonable list, just for you.

1. Post-it notes are not a viable password manager

Unauthorized users will look for the easiest way to hack your network. A post-it note sitting on your desk? You’ve basically handed them the keys to your house!

Don’t make it that easy. Invest in a password manager that encrypts your passwords and keeps them stored in a safe location. Another benefit to password managers: It’s easy to create stronger passwords and click to fill. No more reusing passwords because you can’t remember them all.

2. Beware of BEC (Business Email Compromise) attacks!

Business email compromise is an attack on business email systems in an attempt to defraud the company for money. These scams are rising rapidly—U.S. businesses reported more than $2.4 billion in losses in 2021.

One of the common scams you’ve probably seen for yourself is an email posing as being from your CEO. They may ask you to run to the store to buy them gift cards, or some other task that requires the use of your credit card, and they almost always insist that it is urgent.

Make sure to protect your organization and team by requiring multi-factor or 2FA authentication, enforcing consistent security training, and utilizing a DNS filtering security solution.

3. How to spot a social engineering attempt

Social engineering is a method of hacking via humans. A threat actor will often use social engineering to manipulate a person into handing over sensitive information, or to gain access to their network.

This type of attack relies on humans having an innate tendency to trust and can be done in many different ways. Phishing, Vishing, and SMiShing are commonly utilized for these attacks, and many times they will iterate urgency so that the victim doesn’t have time to think twice.

A recent example of social engineering was the attack behind the Uber breach. The threat actor allegedly fatigued an Uber contractor by repeatedly pushing multi-factor authentication request notifications to their phone. The contractor eventually wore down and approved the notification—giving the hacker access to Uber’s internal systems.

Take a second to think twice when you receive an abnormal urgent request. When in doubt, utilize a secondary channel (like slack or a phone call) to clarify that the request is real and from the person it appears to be.

4. Endpoint security is just as important as core network security

Work From Anywhere can complicate an organization’s security protocol. Once upon a time, an in-house server room was all you needed. Now, end users are becoming more and more dispersed and brick and mortar security practices aren’t enough.

What’s the answer? Decentralized Cybersecurity.

Secure your end users, wherever they are, by placing a security bubble around their devices via DNS security, VPNs, DLP, antivirus, etc. Read more about Decentralized Cybersecurity here. 

5. Compliance and security are not the same, especially in healthcare 

Knowing the difference between compliance and security is critical for protecting patient data. Healthcare data is particularly vulnerable due to the personal and sensitive information included. A breach in healthcare has potential to put real, human lives at risk.

Don’t just check the boxes to be in compliance—ensure your organization is actively working to protect patient data with additional security measures. Read more on keeping patient data secure here.

6. There are no silver bullets in cybersecurity

Unfortunately, even with a security strategy and consistent employee training, attacks can still happen with today’s heightened threat landscape. It’s important to have multiple layers of protection for every device utilized by your organization. 

7. Secure your public Wi-Fi

Offering free Wi-Fi at your organization can be great for your customers. In fact, 76% of Americans say that they’re more likely to frequent businesses that offer free Wi-Fi hotspots. 

But public Wi-Fi networks come with risks—unsavory content, botnets, and employee filter circumvention to name a few.

Secure your guest Wi-Fi with DNS protection and content filters to ensure that your hotspots aren’t putting your business at risk.

Search
  • There are no suggestions because the search field is empty.
Latest posts
AI and Cybersecurity: Lessons Learned from 2024 Predictions AI and Cybersecurity: Lessons Learned from 2024 Predictions

Every year at DNSFilter, we like to do our best to predict the future when it comes to cybersecurity. You might know this already if you’ve read the blog by our CTO, TK Keanini, about his 2025 cybersecurity predictions. We also like to review our predictions to see how well we did overall- it’s nice to keep score.

DNS: The Hidden Threat Lurking in Every Business Network DNS: The Hidden Threat Lurking in Every Business Network

You lock your doors at night, secure your office, and ensure sensitive information is under strict control. But what if the biggest vulnerability in your business wasn't locked away at all? For most companies, their Domain Name System (DNS) is the gateway attackers are waiting for. It's a fundamental part of the internet's infrastructure, yet it's often ignored when it comes to security. Hackers know this, and they're taking advantage.

2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025 2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025

Earlier this month I joined Mikey Pruitt, our Global Partner Evangelist, on the DNSFilter podcast dnsUNFILTERED to discuss my 2025 cybersecurity predictions. We had a lot of fun and covered all of the points I’ll outline here, but I wanted to go deeper. My 30 years of cybersecurity experience have given me a strong sense of where we’re heading as an industry—the shift to the cloud in many ways is a precursor in the adoption of AI and the future...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.