SailPoint's Steve Bradford on how to ensure a cyber-savvy and secure online future


Digital devices have become an essential part of our personal and professional lives. Their connectivity brings great opportunities to transform the way we do business, socialise and provide key services. But so much dependency on the online world is not without risk. Experts predict that by 2025, cybercrime will be costing the globe more than $10.5 trillion annually. Cyber attacks are becoming increasingly sophisticated, with more evolved bad actors cropping up each day. By staying up to date with these five best practices, organisations and individuals alike will be well-positioned to better protect themselves and minimise overall impact, should they end up in a cyber criminal's line of fire: A layered approach: multi-factor authentication Security comes in layers. Multi-factor authentication (MFA) adds that necessary second check to verify your identity when logging in to one of your accounts. By requiring multiple methods of authentication, your account is further protected from being compromised, even if a bad actor hijacks your password. MFA adds a layer of protection to the sign-in process. However, the industry is going further, moving toward a password-less authentication future. This will eliminate knowledge-based factors such as security questions - due to their vulnerabilities - and utilise additional identity verification such as fingerprints, making the process even more secure. Strong passwords are key Passwords are the most widely-used security control in the world, yet they are often the easiest to crack with common passwords including '12345678' and 'qwerty'. All too often, the importance of implementing strong passphrases or password managers is overlooked. The pandemic has highlighted how interconnected we all are, with people spending more time online, contributing to more bad actors prowling for accounts to attack. The most common entry point for cyber criminals is through obtaining passwords to a central account, such as an email inbox, and then taking over all associated access. Often, this is done inconspicuously, allowing the attacker to settle in for a long period of time and go under the radar while gathering sensitive information like payment details. Using long, complex, and unique passwords is a good way to stop your account from being hacked. But, if you find it difficult to remember all your long passwords, an easy way of keeping track is by using a password manager. Update your performance software now When your device prompts you that it's time to update the software, it may be tempting to simply click postpone and ignore the message, forgetting to do this altogether. However, having the latest security software, web browser, and operating system on devices is one of the best defences against online threats since it addresses bugs and vulnerabilities in previous software. So, don't wait - now is the time to update. Do your research: is it legit? A good step to staying safe online is to do some research before downloading anything new to your device, such as apps. Prior to this, make sure that it is legitimate by checking who created the app, what the user reviews say, and if there are any articles published online about the app's privacy and security features. Check your settings: who can really access your documents? Be diligent and double-check your devices' privacy and security settings, and be aware of who can access your documents. This extends from Google Docs to Zoom calls, and beyond. For example, when hosting meetings on Zoom, create passwords so only those invited to the session can attend and restrict who can share their screen or files with the rest of the attendees. A cyber-savvy and secure online future Being cyber-savvy and maintaining excellent online hygiene is the best way to protect yourself - and others - from cyber attacks, and the huge stress that comes with this. While threats continue to increase, so too do the tools we have at our disposal to mitigate their impact or prevent them from happening. But it all starts with getting the cyber basics right. Following these five steps will help provide a solid foundation for best cyber security practice, and increase resiliency against evolving threat actors.