Sage Advice - Cybersecurity Blog

We’re a year in to the COVID-19 pandemic in the U.S. There are still millions of people working from home, and studies suggest that the model of working remotely – whether full-time, part time, temporary, or permanent – probably won’t go away completely anytime soon. A Gartner survey revealed that 82% of organizations will continue to allow increased work from home (WFH) days post-pandemic, and some 47% are considering allowing employees to WFH full-time post-pandemic. That’s a huge percentage of the workforce. Having a safe and secure at-home network is becoming increasingly important (and necessary) to keep cybercriminals away from your personal and professional data.

Following are five tips, gathered from SANS, that you can easily implement to ensure a more secure home office network.

As we’ve learned before, there are many ways hackers can get to your valuable data. From under-the-radar location tracking, to sophisticated in-person and online social engineering and phishing attempts, to full-blown ransomware attacks, and more. Cybercriminals are always on the move to carry out bigger, better, and more impactful attacks to get what they want.

This year brought about unprecedented changes that no one was prepared for. It served as an important reminder that in the rapidly changing environment, organizations need to be prepared to respond to threats and recover from disruptions so they can continue to thrive.

Passwords are essential to keep both your professional and personal information protected. With nearly all business being conducted online and many of us working remotely, we all have multiple accounts to manage. Strong, unique passwords are a great defense against hackers.

The cyberthreat environment changes every day. New malware is developed, new social engineering tactics are deployed, and fraud is seemingly lurking around every corner. Because of the cybersecurity risk that these threats pose, we are all responsible for doing our part to keep information secure at home and at work.

Hackers are constantly developing new ways to infect systems globally. As threat detection services and security teams catch on to their tactics, they continue to build and deploy new malware to feed their personal wallets. We are seeing more malware than ever, and this cycle will only get worse. Let’s review the predicted threat environment for 2020.

The popular tax preparation software TurboTax recently announced that an unauthorized party had accessed an undisclosed number of its clients’ accounts. But it wasn’t because they had suffered a data breach. Instead they were victims of a credential stuffing attack – a cyberattack that continues to gain popularity. 

If you’ve been the victim of identity theft, you’re not alone. In the past five years, we’ve seen healthcare data breaches grow in both size and frequency, with the largest breaches impacting as many as 80 million people. One in four US consumers had their healthcare data stolen in 2017, and 50% of breaches resulted in medical identity theft. Victims paid an average of $2,500 out-of-pocket costs per incident (Accenture).

If we look back at some of the recent cybersecurity headlines, it’s clear to see that it’s been a year full of ransomware and cover-ups. We saw a significant uptick in the maturity and sophistication of attacks. Not only was more data stolen than ever before, the biggest hacks we’ve ever experienced occurred. It short, it was a banner year for hackers.  

When threat hunting, you must first understand the adversaries you’re facing. While their techniques may be very similar, what motivates them can be very different. Understanding these motivations can provide you with a better understanding of where and when a cyber attacker may strike or when an unwitting accomplice takes measures that present undue risk to the organization.