Cyber Security Awareness Month – October 2022
October 7, 2022Data Breaches and Root Canals– More in Common Than You May Realize
October 20, 2022With Cyber Security, the Best Offense Is a Good Defense
It’s autumn again, and for many of us, that means football season! Lots of Americans love watching the game on Sunday and seeing their favorite team battle it out on the gridiron. From the touchdowns to the field goals and the interceptions to the big hits, it’s all thrilling to watch. However, as you resume your football rituals this season, take a moment to draw some parallels between the game and your cyber security strategy. If you haven’t given it any thought, there are a lot of similarities between football and cyber security.
We’ve all heard the best offense is a good defense. This adage is applicable in both football and cyber security. A strong defense is critical in football to keep the other team out of your endzone. Likewise, with cyber security, a strong defense will prevent cyber criminals from infiltrating your network and compromising your personally identifiable information (PII). Having the most robust defense possible will protect your sensitive business data. In the 2021 season, the Buffalo Bills had the best defense in the NFL. So, suffice it to say, you want your cyber security defense to be like the Buffalo Bills.
Consider this. Think of the ball as malware, which makes the offensive players cyber criminals. See the connection? For instance, many NFL teams use the “play action” strategy, where their quarterback fakes a handoff to a running back only to pull the ball away at the last moment to throw it. This falls along the same lines as cybercriminals and email phishing. With email phishing, a bad actor uses a fictitious but authentic-looking email to entice their victim to open an attachment or click a link that installs malware. Both strategies use the same tactic: deception. This trickery lures victims into thinking one thing is happening (like a run play or a genuine email), only to find that some other mischievous action is happening (a pass play or a malware install).
Perhaps you’re still wondering how NFL defenses that work against these play actions can help us understand how to avoid phishing scams. Think about it this way. Defenses in football watch the offensive linemen to determine if a play will be a run or a pass in disguise. If the linemen come forward to open a hole for the running back, then it’s a run. But if they stand straight up and pass block, we know it’s a pass. So, in this same way, when it comes to cyber security, you need to have your senses finely tuned for suspicious emails and determine if they’re trustworthy or if you should delete them. We recommend an acronym to make detecting malicious emails, and it’s called the SLAM method.
As we’ve blogged about before, the letters in SLAM stand for Sender, Links, Attachments, and Message. Anytime you encounter a suspicious-looking email, use SLAM like this:
- Check the Sender. Is the sender’s email address valid and free from spelling errors? If it’s wrong in any way, you’re likely being phished.
- Next, hover over any Links in the email message to see where they hyperlink you. If the URL doesn’t make sense for the link’s name or looks strange, don’t click it.
- With Attachments, never open these from anyone you don’t know. Attachments can contain malware that can infect your PC even if the email comes from someone you trust. So, if anything looks odd (or phishy), double-check with the sender by phone or text to verify if the email is legitimate.
- Finally, check the email’s Message for any spelling or grammar errors or an uncommon sense of urgency. These can signal a cybercriminal is baiting you.
All we’re getting at here is that if you can find a way to connect something you love, like football, to what will protect your data, you can safeguard yourself from the embarrassment, business impact, and costs associated with a data breach. For more help with shoring up your defenses, training your staff, or seeing what business data you may have already exposed on the Dark Web, contact Athreon for a free security consultation! Here’s to a winning season ahead – on the field and off!