Category: Privacy

The internet has transformed our lives in many positive ways, but it has also created a new set of challenges, such as the need to protect our privacy online. With so much personal infor-mation available on the internet, it is important to take steps to safeguard our privacy.

In this article, we will discuss 10 effective ways to protect your privacy online.

1.    Use Strong Passwords: Strong passwords are the first line of defense against hackers. Avoid using easy-to-guess passwords like “123456” or “password.” Instead, use a com-bination of uppercase and lowercase letters, numbers, and special characters. Also, use different passwords for different online accounts.
2.    Enable Two-Factor Authentication: Two-factor authentication is an extra layer of secu-rity that requires you to enter a code sent to your phone or email, in addition to your password. This adds an additional layer of security to your accounts, making it harder for hackers to access your information.
3.    Use a VPN: A Virtual Private Network (VPN) encrypts your internet traffic, making it difficult for anyone to spy on your online activities. A VPN also allows you to access geo-restricted content and protect your online identity.
4.    Be Careful What You Share: Be cautious of what you share online. Avoid posting per-sonal information like your phone number, address, or social security number on social media or other websites.
5.    Use Privacy Settings: Most social media platforms and websites have privacy settings that allow you to control who can see your posts and personal information. Take ad-vantage of these settings and adjust them according to your preference.
6.    Keep Your Software Updated: Software updates often contain important security patch-es that fix vulnerabilities that can be exploited by hackers. Make sure to keep your software, including your web browser, up-to-date.
7.    Be Wary of Scams: Be cautious of unsolicited emails, text messages, or phone calls ask-ing for personal information or money. These may be phishing scams that attempt to steal your identity or money.
8.    Use Anti-Virus Software: Install anti-virus software on your devices to protect them from malware and other threats.
9.    Avoid Public Wi-Fi: Public Wi-Fi networks are often unsecured, making it easy for hackers to intercept your online activities. If you must use public Wi-Fi, use a VPN to encrypt your traffic.
10.    Delete Unused Accounts: Delete online accounts that you no longer use. These accounts may contain personal information that can be used by hackers.

In conclusion, protecting your privacy online is essential in today’s digital world. By following the tips listed above, you can safeguard your personal information and protect yourself from online threats.

The post 10 Effective Ways to Protect Your Privacy Online appeared first on Cybersecurity Insiders.

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers’ live phone calls with victims. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week … Continue reading "Smashing Security podcast #320: City Jerks, AI animals, and is the BBC hacking again?"
Students and teachers at the Minneapolis Public School (MPS) District, which suffered a huge ransomware attack< at the end of February, have had highly sensitive information about themselves published on the web, including allegations of abuse by teachers and psychological reports. Read more in my article on the Hot for Security blog.

The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen.

Related: Demystifying ‘DSPM’

This was my nineteenth RSAC. I attended my first one in 2004, while covering Microsoft for USA TODAY. It certainly was terrific to see the cybersecurity industry’s premier trade event fully restored to its pre-Covid grandeur at San Francisco’s Moscone Center last week.

Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward.

Defense-in-depth remains a mantra — but implemented much differently than the defense-in- depth strategies of the first decade and a half of this century. Machine learning, automation and interoperability must take over and several new security layers must coalesce and interweave to protect the edge.

Getting a grip on identities

To keep the momentum going, business rivals and regulators are going to have to find meaningful ways to co-ordinate and cooperate at an unprecedented level. Here are three evolving themes reverberating from RSAC 2023 that struck me:

Password enabled access will endure for the foreseeable future. Multi-factor authentication (MFA) has raised the bar, but MFA alone is not enough to slow, much less stop, moderately-skilled bad actors.

New security platforms that can set cloud configurations wisely, automate detection and response and manage vulnerabilities continuously are needed to form the front line of defense.

Consolidating cloud postures

One nascent approach that shows promise:  cloud native application protection platform (CNAPP.)

For a drill down on how the CNAPP space is rapidly evolving, stay tuned for my upcoming RSA Fireside Chat podcasts with a couple of vendors on the leading edge. I had enlightening discussions with Elias Terman and Sudarsan Kannan, of Uptyks, and Markus Strauss and Michiel De Lepper of Runecast.

Identities – or to put it more precisely, user access management — is a fundamental weakness that must be shored up. This is where advanced identity and access management (IAM) tools and practices comes into play.

I spoke at length with  Ravi Srivatsav and Venkat Thummisi of  InsideOut Defense, and separately with  Venkat Raghavan, founder and CEO of Stack Identity, all about reconstituting IAM. My Fireside Chat podcasts to come will get into their insights about reducing the risk of access manipulation by continuously and comprehensively monitoring access patterns.

I also had quick meetings with  Bernard Harguindeguy and Barber Amin, senior execs at Veridium ID, on the latest advances in passwordless authentication and I got the back story about a brand new smart ring (yes, of the Tolkien variety) introduced at the conference by security start-up Token. I spoke with Token CEO John Gunn and his  engineering VP Evan K. about the role of advanced wearable authentication devices, going forward.

Operationalizing threat intel

Collecting and using good threat intelligence has always been important — and never been easy to do well. Two impromptu meetings I had touched on this. I spoke with Rohan Spledewinde of security start-up CTM360 – which crawls the public Internet for every and every reference to a company’s IP addresses, and uses graph database technology to present useful correlations; and I also had another very lively discussion with Snehal Antani, CEO of Horizon3 about the value of continuous, well-informed penetration testing.

Leveraging threat intelligence at the platform level, or course, remains vital, as well. The trick in today’s operating environment is how to do this well with cloud migration accelerating.

There’s a danger of leaving legacy on-premises systems twisting in the wind. And that’s why emerging frameworks like Secure Services Edge (SSE) and Zero Trust Network Access (ZTNA) got a lot of attention at RSAC 2023, and deservedly so.

In the weeks ahead, be on alert for my deep-dive podcast discussions, with vendors that are shaping the security platforms of the near future. The perspectives I heard from two leading vendors in the security platform space were very similar.

I spoke at length to WithSecure CEO Juhani Hintikka and CTO Tim Orchard; this is the recent rebrand of F-Secure, a longstanding, widely respected cybersecurity systems vendor from Finland.

And I had a deep dive discussion with Cyware’s Willy Leichter and Neal Dennis. While WithSecure is approaching the task at hand from a slightly different angle than Cyware, both rely on interoperability of multiple systems, i.e. ‘stronger together.’

Our smartphone symbiosis

If you’re like me, you’ll lose track of where you last set down your room key, wallet or coat before you misplace your smartphone.

Our mobile devices, and the mobile apps on them, have become our digital appendages. We feel lost without them. And thus they are destined to endure as our primary user interface.

Yet the security of mobile apps hasn’t advanced much in the past 10 years; bad actors don’t really have to work all that that hard, or expend much resources, to exploit how we’ve come to use mobile apps.

I spoke with two vendors that are introducing promising innovation to that addresses this. Verimatrix CEO Asaf Ashkenazi described for me how his company is leveraging technologies perfected by the entertainment industry to protect mobile apps.

And Approov CEO Ted Miracco told me how his company’s solution is borrows from design principles used to lock down semiconductors.

It’s easier than ever for malicious hackers to get deep access, steal data, spread ransomware, disrupt infrastructure and attain long run unauthorized access. What I saw and heard at RSAC 2023 leaves me encouraged, more so than ever before, that this widening of the security gap will be slowed — and ultimately reversed. I’ll keep watch and keep reporting

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as