Byte of Prevention Blog

by Patrick Brown |

10 Tips for Cybersecurity Month

Pin on Pinterest Share on Google+ Share on LinkedIn

October is a time of changing leaves, fresh apples, and children on a sugar-rush begging for candy door-to-door.  It is also a great time to do a quick check-up of your cybersecurity posture.

  1. Ditch Windows 7 and check all other operating systems to ensure they are still supported.

And running Windows XP is just plain scary!  Go ahead and update to Windows 10 version 1903.

  1. Encrypt phones, computers, backups, and external drives.

But also see # 10, forgetting to lock your computer is like forgetting to give out candy on Halloween – you risk getting pranked…or worse!

  1. Change the passwords on your IoT devices.

Don’t use the factory defaults or common passwords.  Strong passwords or passphrases are a great first line of defense to ghosts, ghouls, goblins, and hackers.

  1. Review your vendor contracts.

Talk about scary!  Wading through pages of agreements is no one’s idea of a treat, but ensuring you know the responsibilities and expectations of you and your vendors is important.  Take a look at NC ethics opinion 2011-FEO-6 for some ideas.

  1. Check out the FTC’s Cybersecurity for Small Business resources.

They are free and informative – no tricks here!

  1. Review and revise your Office Equipment Disposal Policy.

Or create one if you have not yet formally done so. 

  1. Who ya gonna call?

Your incident response manager, IT person/contractor, internet service provider, vendors, and cyber insurance contact are all good numbers to have handy.

  1. Check for breached credentials at Have I Been Pwned?

While you are there, take a look at the most recent statistics on collections of breached credentials.

  1. Watch a scary movie.

Not Friday the 13th though.  Check out some of the employee training videos at places like Ninjio, Proofpoint Security, KnowBe4, SecurityMentor, and more!

  1. Walk around the office.

This is not a time to trick-or-treat, although a bit of candy corn would not go amiss!  Are any computers logged in without a user nearby?  Are passwords written down and taped to monitors, keyboards, etc.?  Are monitors, files, servers, etc. in public areas or easily seen or accessed from public areas?

 

If you take it a little at a time, becoming more cyber-secure may not be so scary of a process after all! 

 

 

About the Author

Patrick Brown

Patrick is the Vice President of Enterprise and Operational Risk Management at Lawyers Mutual as well as filling the roles of Corporate Secretary and Director of Information Security. He is an NCSB board certified specialist in Privacy & Information Security Law and has been designated a Fellow of Information Privacy and a Privacy Law Specialist by the IAPP.  He is always happy to talk about his collection of tinfoil hats or to discuss risk management advice and resources that you may find helpful - you may reach him at 800.662.8843 or patrick@lawyersmutualnc.com.

Read More by Patrick >

Related Posts

LM Portal Access your LM Portal for policy information and forms.
Need Insurance? See the difference service can make.
Payment Due? Make an online payment now.
Lawyers Mutual NC Logo

Get In Touch

Lawyers Mutual Insurance Company
1001 Winstead Drive, Suite 285

Cary, NC 27513

919.677.8900
 | 
1.800.662.8843

Fax: 919.677.9641

Latest Alerts

The Corporate Transparency Act: What North Carolina Law Firms Need to Know

Lawyers Mutual has published previous alerts regarding the new filing requirements under the Corporate Transparency Act (“CTA”) that went into effect January 1, 2024. After reviewing additional resources, we want to emphasize concerns that we have about the risks and increased potential liability for lawyers undertaking the reporting requirements. This is especially true for the continuing reporting requirements after entity formation and initial reporting.  

Learn More

eCourts Expansion Announced for 2024

The North Carolina Administrative Office of the Courts (NCAOC) recently announced additional go-live plans for counties transitioning from paper files to Enterprise Justice (Odyssey), which currently serves Harnett, Johnston, Lee, Mecklenburg and Wake counties. Twelve northeastern counties comprising Track 3, as previously announced, will go live on February 5, and 10 counties comprising Track 4 (Alamance, Chatham, Durham, Franklin, Granville, Guilford, Orange, Person, Vance and Warren) will go live on April 29.   

Learn More