Special Kids Individualized Learning Life Skills
Cyber Security Essentials
Cyber Security Essentials
Below, we will walk you through some key essential points with security awareness. We’ve also included a few real world scenarios that describe how threat actors (bad people with bad intentions) use some of these attack vectors to their advantage. By doing so, we hope to illustrate the need of for strong security measures, and to provide you with real world examples. Hopefully this an effective way to teach what to look out for and to help you understand the realities of why they need to take security seriously.
Identities are the number one attack vector, it is imperative that you understand how to protect them.
What does identity mean when we’re talking about cyber security?
A digital identity is a collection of unique identifiers that helps computing systems identify internal and external users and what they’re permitted to access. These associated identifiers or attributes are recorded and updated throughout their tenure with an organization, keeping permissions and security efforts current. Attributes may consist of email address, login credentials (username/password), pin numbers, etc
Remind them that your passwords need to be as long and complex as possible, as well as impossible to guess. Passwords should never be reused or shared, and MFA (Multi-Factor Authetication) should be enabled wherever possible. Lastly, you should never change a password via an email (an exception to this is a password reset email that YOU have request).
Email is the center of communication in the digital space and it would be catastrophic if you lost control over your email account. If you ever loose access or control over your email you should immediately contact the person in charge of IT (i.e. Mark or Chris).
Additionally, you need to understand importance of taking a few seconds to critically think through why you’re receiving an email. For example, you should make a habit of running through some of these questions:
- Does this email make sense?
- Did I click a link asking for this email?
- Did I ask someone (a team member or customer) to send me this?
- Did I engage with a website to send me marketing emails?
When possible, a good rule of thumb to follow is that if anybody receives an email from a site that is requesting some sort of action to be taken, they should manually type in the site address in their browser and navigate to the site that way. Generally, you should learn to distrust that an email is from who it claims to be. Lastly, you should know to not open attachments from emails they’re not expecting to receive.