The means and capabilities of attack for hackers are varied across levels of sophistication and depending upon the actors, some who are related to organized crime groups or, especially, nation states. Financial gains are still the main motivation behind most cyber-attacks.

Phishing has been a tried-and-true method of gaining access to company and personal data. It is usually done by employing a fake website which is designed to look like the actual website. The purpose of this attack is to trick the user into entering their username and password into the fake login form, which allows the hacker to steal the identity of the victim. Hackers can easily mimic known brand websites, banks, and even people you may know.

The fundamental question for most companies and individuals is what can be done to better protect data in the increasingly connected global digital landscape. Below are a few basic actions we can undertake to make ourselves safer.

Learn:  It all starts by having a risk management perspective. Learn what you need to do from open sources. Gather insights from informational resources available in the media. Network with those who have expertise or experience that mirrors your customized cybersecurity needs.

Enact basic Cyber Hygiene:  For example, do you have strong passwords and multi-factor authentication? Is your key data backed up? Do you use a secure WIFI? Do you need to use a virtual private network or encryption? Be sure to update your anti-virus software applications and regularly patch security flaws as they are updated.

Be on the lookout for social engineering attacks: With the volumes of social media information out there on your personal likes and dislikes, hackers can figure ways to reach out to you with malware via phishing. Always look at who the emails or texts are actually from (not who they pretend to be from), and do not open up any files that are suspiciousAlways be suspicious and operate on the premise of zero trust when it comes to social engineering threats.

Consider outsource security services: If you have a small or medium sized business, consider bringing in outside cybersecurity expertise or managed service. They can augment your security posture with your internal IT shop and perform vulnerability assessments and recommend solutions and services that are most applicable to your industry requirements.