Thursday, June 30, 2022

 

Commonly Confused Cybersecurity Terms

 

Safely navigating today’s online landscape requires a basic understanding of specific cybersecurity terms and concepts. Often, this terminology can be confusing, if not frustrating, which is precisely what cyber-criminals want.

Many terms relating to cybersecurity seem to be interchangeable or, at the very least, mean the same thing. This is often not the case, and confusion can lead to problems. Knowing the difference between these similar terms or concepts can be tricky, especially given the ever-changing landscape of technology.

Let’s look at a few examples and try to demystify things.

Data vs. Information vs. Knowledge

Our first example seems, at a glance, to be completely interchangeable. This is not the case. Data is usually understood to be the bits and bytes that make up the information. Knowledge then interprets that information in the context of the situation. For example, data could be a list of dates. This data would be useless without the information that makes the dates relevant and the knowledge that makes that information useful.

                Data: 7/1, 7/2, 7/3, 7/4
                Information: These numbers are dates. 7 = July.
                Knowledge: These are the dates of the fourth of July weekend.

Security vs. Privacy

In the online world, security and privacy go hand-in-hand. While they are often used interchangeably, there are key differences. Security refers to the protection of your personal information from malicious threats. Privacy relates to the rights or controls over your data and its use.

Threat vs. Risk vs. Vulnerability

A threat is generally defined as something bad that could happen or as someone (a threat actor) who could cause something bad to happen. A risk is the probability that something bad will happen and the potential repercussions.  A vulnerability is a “weak spot” that opens you up to potential threats and increased risk. Most of us face these situations daily. An example would be online shopping. We willingly enter sensitive banking information into our computers, accepting the risk that our information might be stolen.

Spam vs. Phishing

Spam is unsolicited email, instant messages, or social media messages. These messages are relatively easy to spot and can sometimes be damaging if you open or respond. Not all spam has malicious intent but should still be handled cautiously. Phishing is an email from a threat actor disguised as an email from a legitimate and trustworthy source. A phishing email attempts to lure you into revealing sensitive or confidential information. 

While this is in no way an exhaustive list of commonly confused cybersecurity terms, hopefully, you are now better equipped to navigate the sometimes treacherous online landscape with confidence.

Tuesday, May 31, 2022

Digital Footprints: The What and Why They Matter

The Digital Footprint. We surely have all heard this term at some point in our careers. But what is a digital footprint really? How much does one matter?

 

A digital footprint is essentially a trail of data that you leave behind while browsing the Internet. It can include websites you have visited, emails you’ve sent, filled out online forms, etc. Footprints are added to your digital trail in two ways: actively and passively. Active footprints are created when you interact with websites by doing normal things such as posting on social media, leaving reviews, and even shopping online. Passive footprints are created when information is collected about you without your being aware of it. This comes from systems like tracking cookies that log how many times you visit a website, your IP address, and where you are connecting from. They can also be used on social media to monitor what posts you like, share, and comment on to create more targeted ads for products and posts.

 

So, aside from getting ads for the restaurant that you just thought about, here is why your digital footprint is relevant and matters:

·         They are relatively permanent, and once the data is public – or even semi-public, as may be the case with Facebook posts - the owner has little control over how others will use it.

·         A digital footprint can determine a person’s digital reputation, which is now considered as important as their offline reputation.

·         Employers can check their potential employees’ digital footprints, particularly their social media, before making hiring decisions. Colleges and universities can check their prospective students’ digital footprints before accepting them.

·         Words and photos you post online can be misinterpreted or altered, causing unintentional offense.

·         Content intended for a private group can spread to a broader circle, potentially damaging relationships and friendships.

·         Cybercriminals can exploit your digital footprint – using it for purposes such as phishing for account access or creating false identities based on your data.

 

With all this newfound information, it’s essential to know how to protect your digital footprint. Below are just a few steps that you can take to accomplish this:

 

                Double-check your privacy settings

Privacy settings on social media allow you to control who sees your posts. Review these settings and ensure they are set to a comfortable level. For example, Facebook will enable you to limit posts to friends and make customized lists of people who can see specific posts. However, remember that privacy settings only protect you on the relevant social media site.

                Avoid unsafe websites

Make sure you’re transacting with a secure website – the URL should start with https:// rather than http:// - the “s” stands for “secure” and indicates that the site has a security certificate. There should also be a padlock icon to the left of the address bar. Never share any confidential information on unsecured sites, especially payment details.

                Avoid disclosing private data on public Wi-Fi

A public Wi-Fi network is inherently less secure than your home one since you don't know who set it up or who else might be watching. Avoid sending personal information when using public Wi-Fi networks.

                Don’t log in with Facebook

Logging into websites and apps using Facebook is convenient. However, every time you sign into a third-party website using your Facebook credentials, you give that company permission to mine your Facebook user data – potentially placing your personal information at risk.

 

And most importantly:

 

                Use search engines to check your digital footprint

Enter your name into search engines. Include your first and last name and any variations on spellings. If you have changed your name, search for both current and former names. Reviewing the search engine results will give you a sense of what information about you is publicly available. If any of the results show you in a negative light, you could contact the site administrator to see if they can remove it. Setting up Google Alerts is one way to keep an eye on your name.

  Commonly Confused Cybersecurity Terms   Safely navigating today’s online landscape requires a basic understanding of specific cybersec...