Each October we recognize National Cybersecurity Awareness Month. This a month-long reminder of things that we can all do as businesses and individuals to better protect ourselves online all year long. There are a lot of great resources online to help all of us be more aware of our cybersecurity needs. This post highlights some of the current best practices found online in various National Cybersecurity Awareness Month posts. However, before we dive into the good stuff, let’s first talk about an important concept.

Know Thy Sources When Online for Any Reason

We recognize that this is something most of our readers learned about at least in college. Lawyers learned about recognizing various types of sources in law school. If you’ve listened to talk radio or watched the news, you might be familiar with accusations of “fake news” and poor sources. By poor sources, we don’t mean anonymous sources. We mean unreliable sources that, if you’re lucky, only provide you with one-fourth of what actually happened.

When it comes to getting best practices online about cybersecurity best practices, it is extremely important to understand how to ensure that the site giving you information is a legitimate source without a desire to harm you, your law practice, or to steal your money via good ol’ ransomware.

Here are some tips to help you evaluate online resources.

1. Consider the reliability of the source. Some sources are more reliable than others. Websites that can be edited by anyone aren’t as authoritative as .edu, .org, or even .gov websites. If you find information you think may be crucial and you’re not sure if the source is fully reliable, the next tip may help.
2. Look up the information on another source that you know is reliable. We recognize that lots of websites that many of us may not know much about may very well have good cybersecurity information on it, but that’s not always the case. So, check out other reliable sources and see what they say about the topic. It could be that the relatively unknown site shares best practices from legitimate sources without necessarily linking to or otherwise citing the source. Of course, from an academic or professional standpoint, we know that not citing sources is a bit of a no-no, but we have no real idea of the website providing the information retrieved it from the source or that they even know whether or not they need to provide the citation.
3. Look for citations on the website. To whom do they refer when they mention best practices, if anyone? Is there a way for you to verify what’s being said? Yes, we already touched on that in the previous tip.
4. Watch the grammar. It’s important to pay attention to grammar. We don’t necessarily expect a site to be fully without typos. Mistakes certainly happen, but professional level sources will do what is in their power to make their information as professional as possible.
5. Understand the current trends. Microsoft, as an example, does not use pop-ups on sites to inform you that you need their technical expertise. Nor do they misspell their own name and provide you with a weird phone number you don’t recognize. As the writer for LawDroid, my most recent interaction with Microsoft was a small ribbon inside of Outlook and Word that mentioned that it was time for me to pay my yearly license fee for Office 365. Despite the fact I use it online, I don’t get a notification on every page I visit. It’s just not something they do.
6. Consider the date on the published page. Especially if you’re looking cybersecurity best practices, it’s important to review the date that the page was created or last updated. We’ve had the Internet for a good long while (although some of us remember when our “Google” involved the Dewey Decimal System), but our standards for security have changed. And they will continue to change.
7. Consider whether the links headed out from the website are active and from good sources. There may be times you don’t want to click on any links. In fact, when in doubt, don’t click on anything. However, you can hover over them and generally see where they head. If they link back to an appropriate and authoritative website, then you may be in good standing.

We here at LawDroid don’t want you to worry about the tips that we provide to the legal industry related to AI, machine learning, automation, practice management, or cybersecurity. Below is a short round-up of some of the best practices published for National Cybersecurity Awareness Month 2019 from some highly authoritative and trustworthy sites!

It’s All about Personal Accountability!

According to the National Initiative for Cybersecurity Career and Studies, an official website of the Department of Homeland Security, this year’s National Cybersecurity Awareness Month is all about personal responsibility both at home and at work. The theme is: Own IT. Secure IT. Protect IT. The focus is on citizen privacy, consumer devices, and e-commerce security. They’re offering the NCSAM 2019 Toolkit to better embrace and commit to positive, lasting cybersecurity habits.

They advise that you:

• Use a strong password.
• Use multi-factor authentication.
• Keep your work credentials and network secure.
• Avoid phishing.
• Be aware of social media bots and the harm they could cause.

StaySafeOnline.org

StaySafeOnline.org is a website operated by the National Cyber Security Alliance. In relation to the theme of this year’s National Cybersecurity Awareness Month, they recommend the following best practices:

• Don’t click and tell. Make sure that you stay safe on social media.
• Update your privacy settings.
• Follow best practices for all device applications.
• Change your passwords to create strong, unique ones.
• Make sure that you’re using multi-factor authentication.
• Shop safe when you’re online.
• Don’t give your information out to strangers. It’s important to avoid phishing.
• Keep your security software, favorite web browser, and operating system updated.
• Do what needs to be done to collect and store consumer data and information in the safest way.

Stay Safe in October and Always

Although October is National Cybersecurity Month, it’s important that you think about cybersecurity throughout the year. Always be on alert and implement cybersecurity best practices all year.