The Threat

Hackers are an imminent threat to everyone. They can use your identity to drain bank accounts, file loans, and purchase goods online for reselling. High-profile data breaches of large organizations have put tens of millions of consumers at risk for identity theft. These large-scale attacks have become so common that an industry is built upon tracking and predicting the cost for various types of breaches across different sectors. For risk managers, data breaches are taken very seriously.

For the past 17 years, IBM has conducted yearly studies on the economic impact of data breaches, and the results are not comforting. According to their Cost of a Data Breach Report 2021, the global average total cost of a data breach is $4.24m! This report estimates that the average cost per record of personally identifiable information (PII) is a whopping $180! Plus, the average number of days it takes to identify and contain a data breach is 287!

Hitting Close to Home 

As individuals, we generally don't manage large databases of PII, but that doesn't mean hackers aren't motivated to access your computer at home. Plus, we don't have dedicated teams of IT engineers to resolve our internet security issues. Therefore, maintaining strict internet safety is paramount.

Attacks on individuals usually use two approaches: social engineering or email scams. A social engineering attack may take the form of an unsolicited phone call claiming your computer is hacked. They then persuade you to grant them access to your computer via remote desktop applications. Once inside your computer, they can download all your files and search for bank account information. This tactic is surprisingly effective.

Email scams rely on their victim's curiosity to hack their account. It's hard to believe that the old Nigerian prince scam is still around, but it is. Nowadays, scammers can create very realistic-looking emails by copying logos, spoofing their email addresses to appear legitimate, and offering free rewards to entice victims. Their primary goal is for you to click on a link within the email. These links lead to fake portals requiring you to pay a fee electronically before receiving your promised reward. Once you make a payment, they're gone.

A Strong Defense

The adage "the best defense is a good offense" is sage advice in the Information Age. Although hackers are constantly upping their game, a few key strategies can keep your critical information private.

Don't Keep It Simple

Passwords are both a blessing and a curse. The longer they are, the more secure but harder to remember. Have a separate password for every account. The use of a password manager can make this task easy. Never use simple passwords; bots are programmed to hit every simple password. A strong password generator such as Secure Password Generator is quick to use and has options for complexity. NordPass, a password management software, maintains a Top 200 Most Used Passwords list. Would you believe "123456" has been used over 130M times? This shouldn't have to be said, but never leave a password on a Post-It note on your monitor.

Update Your Software

Hackers frequently capitalize on software vulnerabilities. Software companies (including ESP, Inc.) have policies and procedures to update software to close vulnerabilities as they arise. Always update your software to the latest version. If possible, enable automatic updates for your operating system and applications.

Fight the Virus

Installing anti-virus/anti-malware software from a trusted source is very effective. Update the software frequently to keep the latest viruses at bay. 

Don't Answer the Phone

Hackers have been using the phone to execute their phishing scams forever. Never give out any information over an unsolicited call. Always be suspicious of unlisted numbers. On smartphones, check the App Store or Google Play for apps to screen your calls. These apps create a global blacklist of spam numbers. For landlines, consider installing Caller ID.

Straight to the Spam Folder

It's always too good to be true, always. Any email offering you refunds or free merchandise is never legitimate. If in doubt, try a Google search and add the word "scam." For instance, a search for "home depot email refund scam" will serve up thousands of related articles. You could also reach out to the customer service department at the actual business you believe is being phished. Definitely, never click on a link from an unsolicited email.

Careful Browsing

Stay away from unknown websites and be leery of downloading software from untrusted sources. These sites are often just fronts for malware that can compromise your computer. Be particularly cautious on foreign websites.

Keep It Close

Lock your desktop while away from your desk. Never leave devices while in public. Lock your device with a complex password, PIN, or biometric login. Use Apple's Find my iPhone or the Android Device Manager tools to help prevent loss or theft.

Back It Up

If your system does get hacked, the only way to securely recover is to erase your hard disk and re-install the system from a backup. You can use an external drive or a cloud-based solution to store your backup.