By Jonathan Stock, Cyber Security Recruitment Consultant, IntaPeople.
Last month we saw Barack Obama’s final mic drop as President, Kim Kardashian’s finally stable and secure enough to get back into her social network game, and there’s enjoyment all around our office over the first installment of the TV series ‘Spies’, watching people dropped into a cybersecurity seminar come up with backstories as to why they were there and who they were. Yet the same stories keep popping up within the cybersecurity industry.
On the radio this morning I heard another advert urging individuals to be cyber aware: to be concerned about malware, to not bow down to ransomware attacks. Great news: everyone is taking notice of cybersecurity.
The industry’s mission to educate everyone is taking shape. And then I read an article this morning about the most common passwords of 2016, and of course, there are some massive issues…
Can you guess what the most used password was for 2016? The one used by nearly 1 in 5 people? The same one as 2015… 123456. That’s right, 123456. Hello face, here’s my palm!
Then there’s the rest of them: QWERTY, 111111, password; the list goes on in a similar vein (my favorite of all of them was ‘google’).
It amazed me that in this day and age, when we are bombarded with news articles about hackers stealing your personal data, there’s still not a greater effort by individuals to make themselves as secure as possible.
As mentioned in the article, the whole fault can’t be laid at the feet of the individual; the websites involved should also be accountable. Their responsibility is to make it as difficult as possible for hackers to access their data.
They can make their infrastructure more robust and their defenses better able to deal with attacks, but they should also enforce more complex password policies. Yes, the companies involved in data breaches are held accountable.
They are fined, exposed in the media and soon, when GDPR pops up, they are going to be regulated more and more.
Surely it would be better for all companies to enforce strong password best practice; then, if hackers do get in, it might be slightly more difficult for them to get into customer accounts.
We hear all the time that hacks are getting easier and easier, that hackers can attack multiple companies at once and that more sensitive data is being breached.
It’s easy to change your password to something trickier and to change it regularly on a monthly basis; all it takes is the desire to do so. I can’t see it being very difficult to change ‘password’ to ‘PaS5w0rD!&*’, and once you have typed the password 10 times, you are going to remember it.
Ultimately, a slight change makes things harder for hackers, keeps you more secure and helps you to become more cyber aware.
It’s been said many times before that cybersecurity is a combination of products and processes.
You can have the best firewalls and the best anti-virus software, but if you are not committing to the processes and best practices, then ultimately you are going to be found out and those pesky little hackers are going to get in.
About The Author
My name is Jonathan Stock and I am a cybersecurity recruitment consultant working for IntaPeople. In addition to sourcing candidates for various cybersecurity companies, I am also a contributor to several cybersecurity online magazines, a member of the UK Cyber Security Cluster and an event coordinator.
Jonathan can be reached online at firstname.lastname@example.org, @JonathanStock86 and at our company website http://www.intapeople.com