Cross-posted from our blog. Good advice from Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist.
The three best things you can do to improve your computer security, bar anything, are the same three things you should have been doing for the entire history of computers. The top three threats have been on the list of top threats since they made enough computers with shared access to allow unscrupulous people to do malicious things with them.
Don’t Get Social Engineered
At the top of the computer threat list is social engineering. Social engineering is done by someone or something pretending to be something it’s not, often posing as a brand or item that you would otherwise trust more than something unknown. It then asks you to reveal confidential information (like a password) or to run a Trojan Horse malware program. It’s a con!
Social engineering is responsible for 70% to 90% of all malicious digital breaches. No other single root cause of a computer exploit comes close. The single best thing you can do to prevent computer maliciousness is to focus on mitigating social engineering. Concentrate on it first and best. To do otherwise, unless you have it well handled, is to be inefficient in your computer security defense. [continued in blog]