DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).
DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).

Beginner Cybersecurity Tips

The holiday season brings about the traditional business of shopping for gifts, decorating, and traveling but it also brings more criminal activity.  Cybercriminals show increases in their hacking activity during the holidays because many people will lower their guard during this festive time of year.

Yet, it’s a mistake to let your guard down. 

Instead, here’s a list of cybersecurity tips for the holiday season, ranging from best practices to simple tricks to increase your security. We’ll also include tips on how to create and keep good cybersecurity habits that will last all year long. Let’s dive right in!

Beginner Cybersecurity Tips for the Holidays

1. Employee Awareness

With this time of year being a popular attack time for cybercriminals, it’s a good time to refresh your team on cybersecurity best practices. Cybersecurity employee awareness training is one of the most important ways to ensure your company is prepared to prevent an attack.

To help with this, here’s a curated set of security communications about phishing, MFA fatigue, physical security and proper VPN usage to email your employees and help improve their cybersecurity awareness.

2. Secure Wi-Fi

Ensure you're always using a secure wi-fi connection whenever possible.

With holiday travel, it may require you to access a public Wi-Fi network, but do so with care! There are tools such as VPNs that can make accessing a public network more secure. Two other important best practices when accessing public wi-fi networks are to verify the network and ensure you have a firewall enabled.

3. Double-Check Emails

Think before you click! When clicking any link — on a website, app, or within an email— you should always double-check the link is associated with the correct domain and not a phishing attempt.

This is especially important with our emails because 90% of cyberattacks begin with emails

4. Multi-Factor Authentication

Ensuring your accounts are secure with 2-factor authentication (2FA) is one of the most effective ways to increase your security. 

According to Slate, 2FA has been associated with stopping 100% of bot attacks and nearly 90% of targeted attacks. Its highly effective nature makes it an ideal tactic for security teams looking for cost-efficient security solutions.

4. Lock Your Computer

This seems obvious but it’s important to reiterate that you should always log off your laptop before walking away from it. This is likely an extra good reminder for companies operating in a remote-first environment because it’s not as natural of a process to log off when you’re in the comfort of your home. But it’s incredibly important when in an office.

What are Good Cybersecurity Habits?

Overall, many of the tips for the holiday season function perfectly throughout the whole year. There’s seldom a time when improving employee awareness or using secure Wi-Fi is a bad idea.

That said, it's important to always verify requests for private information. Other best practices for cybersecurity include:

  • Make passwords a sentence
  • Keep software up to date
  • Backup important data regularly
  • Delete unused sensitive information
  • Share with care
  • When in doubt, report it to your security team

How to Keep Up to Date with Cybersecurity?

While there’s no silver bullet to stay up to date with cybersecurity, there are a handful of best practices to add to your routine. These range from following cybersecurity influencers to subscribing to top security podcasts or attending live events related to security.

Another great way to stay up to date with security trends is to follow vulnerability and risk advisory feeds such as National Vulnerability Database or use a tool that leverages these insights. 

For example, the Cobalt PtaaS platform now offers insights directly related to your asset’s vulnerabilities using the MITRE’s CVE (Common Vulnerabilities and Exposures) list. This new feature relates to perhaps the best practice to stay up to date with security trends and that’s setting up custom security alerts. All and all, staying up to date with a fast-changing sector such as cybersecurity requires continued effort. 

In closing, remember that your cybersecurity is only as strong as its weakest link. This includes people and processes but also timing — with the holidays being one of the busiest times for attackers. 

Beyond the best practices listed above, another way to protect against cyberattacks is with increased security monitoring such as with Cobalt’s pentesting services which help hundreds of customers each year. Furthermore, Cobalt recently introduced Agile Pentesting Services to better serve fast-growing and agile teams.

New call-to-action

Back to Blog
About Jacob Fox
Jacob Fox is a search engine optimization manager at Cobalt. He graduated from the University of Kansas with a Bachelor of Arts in Political Science. With a passion for technology, he believes in Cobalt's mission to transform traditional penetration testing with the innovative Pentesting as a Service (PtaaS) platform. He focuses on increasing Cobalt's marketing presence by helping craft positive user experiences on the Cobalt website. More By Jacob Fox