Cyber Hygiene, Phishing, & Password Sharing: Tips from Cybersecurity Awareness Month 2023

As Cybersecurity Awareness Month 2023 draws to a close, we wanted to highlight some tips to keep in mind for the rest of the year, and beyond.

In case you’ve missed it, we’ve been running a series of videos on our LinkedIn page throughout the month of October highlighting tips from members of our internal security team on topics like password sharing, keeping personal identifiable information safe, and maintaining good cyber hygiene. 

“Some steps you can take if your account is compromised is first resetting your password, freezing any of your accounts (credit cards, bank accounts, etc.) that could be related to your compromised account, alerting your security team at your work, if it is happening in a work environment, and being able to recognize if there’s any other suspicious activity happening. Always think before you click.” –Jared Hawkins, SOC Analyst

“The biggest thing you can do to protect yourself against phishing is to really read emails closely, see if there are grammatical errors, see if this sender looks legitimate. Ask if this is someone that you know, and if it is, reach out to them directly to confirm that what they sent you is in fact correct versus just clicking on it. Then, if you’re not familiar with something, send those emails to your company security team or mark them as spam so we can get an understanding of what’s going on and help protect you.” –Ally Frame, Supervisor, Information Security – SOC

“Roughly one-third of American workers share passwords with people within their organization.The problem doesn’t necessarily come from users sharing these passwords, as there are many legitimate use cases for this, but think about if a malicious actor gets into your organization. If, for example, a malicious actor were to find the login credentials for a service account in your message history, you’ve basically given them a free way to move laterally within your organization and escalate their privileges. The biggest thing I recommend is using a password manager organization-wide. Not only does it let you securely store your credentials, but also encourages you to use different, more complex passwords for all of your accounts.” Sean Salomon, Security Analyst

Want to learn more about how you can keep your organization safe all year? Read the latest Cloud and Threat Report, which digs into popular adversary tactics and techniques, broken down by industry and geography, or listen to Ray Canzanese, Head of Netskope Threat Labs, discuss highlights from the report on the Security Visionaries podcast.