What Can You Do?

It should not be the responsibility of the individual to ensure their safety online just as it's not their responsibility to do a safety inspection of every subway car before boarding. Without proper regulation, there are no perfect solutions that you as an individual can use to be sure you will never be victimized. However, there are things you can do that will help:

IOC-2.B.2

A strong password is one that is hard to guess.



Image provided for publication with permission from Nicola Whiting

Nicola Whiting MBE, is an award winning jewelry designer and author, turned cybersecurity expert. She is co-owner of Titania group, which she helped lead from a 3 person start up, to a world-wide leader in cybersecurity, specializing in tools that detect network security and compliance issues. Whiting serves on multiple boards focused on increasing diversity in Cyber Security with the aim of reducing group-think and accelerating innovation & organizational resilience. e.g. She is a key spokesperson for NeuroCyber, an organization whose mission is ensuring neurodivergent people (those who process information differently due to brain differences such as Autism, ADHD, Dyslexia etc) can thrive - through building "inclusion by design" into workplace culture, policy and practice.

Article by Nicola Whiting: All the Voices at the Table: the Benefits of Diversity

design flaws: IOC-2.B.10, authentication measures: IOC-2.B.1, strong passwords: IOC-2.B.2, multifactor authentication: IOC-2.B.3, IOC-2.B.4, malicious link: IOC-2.C.5, IOC-2.C.6, security settings: IOC-2.B.11
1. Run up-to-date software. The Windows 98 operating system was not sold after 2000, and not supported after 2006. But there are still computers running this obsolete system, including many in the US Department of Defense.[source] Usually, when people keep using obsolete systems, it's because they rely on application software that runs only in the old system.
2. Use authentication to protect devices and information from unauthorized access. For example:
   1. Use strong passwords. You need a separate password for every site you use. The only good solution is to use a password manager, a program that makes up a random password for every site. You just remember one password, the one for the password manager itself. It takes care of your other ones for you.
   2. Enable multifactor authentication (such as two-factor authentication) so you can only access your device or account after entering specific information (typically one is a password and the other requires another of your devices or accounts or the other uses something that detects your body like a fingerprint reader). It may feel like a hassle, but each step added to the login progress adds another layer of security.
3. Don't click links on websites or especially in email, without first double-checking that the actual URL in the link is what you expect. (Where does this link to http://google.com really send you?) If a computer or account of someone you know has been compromised, you may receive emails appearing to come from them that contain malicious links that could compromise your system or account. As you know, it's important to keep your software up-to-date, but a common trick is a pop up window asking you to download an update. Don't click those unless you're sure it really is a legitimate update. It's best to go to the "updates" section of the app or operating system for updates.
4. Don't use sketchy software. If the advertising says that the program will get you money, free stuff, pornography, or cheats for video games, it's very likely to be malware. A particularly sneaky category is fake antivirus software! Check the reviews in magazines (and double-check the link you plan to download from) in order to make sure you're getting what you really want.
5. Regularly review your security settings for the websites, apps, and programs you use. You can control the permissions for collecting and sharing your information.
6. Install Antivirus and anti-malware software. There are free versions of several popular packages available. Read reviews to find software that will match your needs and budget.
7. Don't connect to insecure WiFi. Ideally, WiFi networks should use WPA2 or WPA3 (WiFi Protected Access) security, but WPA is better than no security at all.