Cybersecurity: How to Make an Impact

Cybersecurity is everyone's problem. It's easy to think of only large enterprises falling victim to a data breach or a ransomware attack, but when a customer gets a letter saying their information was compromised, those breaches become personal.


The vast majority of security events occur because of human error — someone clicks on a bad link in an email or software and browsers aren't updated regularly. For this reason, the National Cyber Security Alliance reminds users that it's up to every internet user to promote cybersecurity awareness and to make security best practices part of everyday computer use. Here are some tips on how to make a cybersecurity impact.

Keep up-to-date with current threats

Cybercriminals are good at staying one step ahead of cybersecurity systems and tools. They are also sophisticated when it comes to the way they attack. Today's cybercriminals use techniques such as spearphishing and whaling (phishing attacks that target high-profile people like CEOs, celebrities, and politicians), personalizing attacks by making them look as though they're from a coworker, or preying on the known interests of the target to entice them to open an email, attachment, or link.


Malware such as ransomware has evolved from simply taking data hostage for payment, shutting down entire networks, or not releasing the data at all. Knowing the latest cyberthreats and tactics can keep users from being victimized. Websites like Krebs on Security, Help Net Security, and Security Watch provide users with the details of the latest scams, threats, and attacks.

Every user should be educated

If you're using a device connected to the internet, you should be well-versed in cybersecurity best practices. That applies to every member of the family. Initiatives such as National Initiative for Cybersecurity Education (NICE) push to bring cybersecurity education into the classroom. Outside of school, parents should encourage password-protecting devices, logging off websites when they aren't in use, and adding security software to every device. Children should also be taught how to detect phishing emails, warning signs of malicious websites, and the threats that lurk on social networking sites.

Use social media wisely

Social networks are a treasure trove for cybercriminals, affording them personal details they can use to target phishing emails. They also open users up to scams directly on the sites. For instance, a sports video with malicious downloads may pop up on a sports fan's Facebook page. By using privacy settings, being selective about friend requests, and verifying everything before clicking on videos, articles, or pictures, users can stay safer. Encourage connections to do the same.

Stop and think

Today's online landscape is complex and subject to rapid change. As a consequence it is not possible to train everyone for every eventuality. Instead, training should focus on enduring behaviors like “STOP. THINK. CONNECT,” which encourages users to question the security implication of every online action.


“‘Stop and think’ gives an opportunity for the individual to identify the risks, weigh them in their minds, and then consider the appropriate actions,” says Steve Durbin, managing director of the Information Security Forum. “‘Stop and think’ can be viewed as ‘conscious competence’ as people bring to bear their skills, experience, and judgment.”

More information

Protecting your bank accounts is crucial so you can never be too careful. Start with the simplest and most affordable tools available. To learn more, visit our security, privacy, and fraud-prevention page for more tips on how to stay safe online.

Disclaimer: Views expressed in this article and the third party links contained herein may not necessarily reflect those of Citizens Bank. Citizens Bank does not guarantee the accuracy of the information contained on the third party websites linked to in this article, nor do we endorse the products or services mentioned or provided on said third party websites. The information contained herein is for informational purposes only as a service to the public, and is not legal advice or a substitute for legal counsel, nor does it constitute advertising or a solicitation. You should do your own research and/or contact your own legal or tax advisor for assistance with questions you may have on the information contained herein.