We are all creatures of habit. Some habits we’d rather get rid of. But others can be beneficial.
When it comes to cyber security, building good habits is essential. By building better security behaviour into our lives, we reduce our cyber risk.
So how do we go about making good cyber security behaviour a habit?
On average, it takes 66 days for someone to adopt a new habit. With time, the behaviour becomes automatic.
It might seem daunting. But the more we persist with a new behaviour, the more likely it is to become something we don’t even think about anymore. And that’s when the benefits kick in.
How can we apply this to cyber security?
Many of us have well-entrenched password habits. We have one or two memorable phrases we use over and over again. When prompted to enter a new password, we barely think before using the same one.
Yet, these reused passwords are rarely strong or secure. We choose what seems easiest, even if it’s at greater risk.
Building new habits for password creation and management can reduce this risk. The National Cyber Security Centre recommends using three random words to generate a password. Saving these passwords in a browser keeps track of them.
Update, update, update
People are good at ignoring software updates. It’s all too easy to ‘save it for later’ and forget about it. We often can’t see the immediate value of updates, so we underestimate their importance.
Software updates reduce cyber risk. Out-of-date software contains weaknesses that can be exploited by cyber criminals. Updates fix these weaknesses.
Regularly updating devices is a good habit to build. Turn on automatic updates where possible. Start noticing reminders, and acting on them sooner rather than later.
With time, updating devices will become routine. And your devices will be more secure as a result.
Back it up
In the event of a cyber attack, good habits stand us in good stead. Frequently making copies of data and saving them elsewhere means data can be recovered quickly if lost or stolen.
Automatic backups regularly save information to the cloud. Backups can also be done manually on hard drives or USB sticks.
It’s particularly important to backup data before updating devices. This prevents loss of data through files being changed or removed.
Effective backing up of data makes a big difference to organisations that experience ransomware attacks. Sophos carried out research into ransomware attacks on businesses in 2019. Organisations with effective backups retrieved their data for less than half the cost of organisations that paid ransoms.
Keep up with trends
Cyber criminals move with the times. As noted in previous blogs, criminals exploit certain circumstances – such as the pandemic – to target individuals.
Keeping up to date with the latest scams helps you better recognise threats. HMRC frequently publishes examples of phishing scams claiming to come from them. Making a habit of checking the news or the government website will keep you informed.
Tools to help
Building better habits is a great way to reduce cyber risk. But habit building can be hard. CybSafe’s Assist, Protect and Connect tools can help.
CybSafe’s tools provide ongoing and personalised support to improve cybersecurity behaviour. CybSafe Assist offers support and guidance on demand. It provides answers to cyber security questions when people need them most. CybSafe Protect is an interactive tool that helps improve security behaviour through goal setting. And CybSafe Connect is a mobile app that lets people access cyber security help wherever they are.
Human error is to blame for 90% of UK cyber breaches. Building people’s resilience to cyber threats is vital.
Through forming better habits online, we can reduce cyber risk. It starts with one action at a time.