A New Year’s reflection on (cyber) hygiene: How not to get duped this year
By: Blair Radbourne, Senior Vice President, Enterprise Technology & Cybersecurity, OMERS
January 13, 2025
A new year is a great opportunity to take stock of the world around us. In my line of work, I’ve been thinking about how rapidly cybersecurity continues to evolve – and how, regardless of the change around us – what stays the same is the ability we each have to protect ourselves, and each other.
Ransomware, cyber espionage, and more ransomware. With each passing year it becomes more difficult to stress just how much and how fast the cyber landscape has changed (and continues to change). All of this means continued vigilance is necessary, both personally and professionally. Don’t be afraid; be prepared.
Here’s how.
Strong cyber hygiene has never been a more important practice and what follows are some example steps that each one of us can take. Use multifactor authentication. Know who you are dealing with before clicking on links in emails and text messages. Download updates to your devices when they are rolled out. Don’t put them off. Like flossing, these activities need to be part of your digital routine to keep your devices and digital identity healthy.
Here’s why.
The global community continues to see the effectiveness of cyber threats in modern warfare. There are three broad categories in which these cyber threats continue to take shape: cyber espionage (targeting for political/military/diplomatic intelligence), information/influence operations (social media manipulation) and cyberattacks (disruptive/destructive targeting of critical infrastructure and/or other assets).
Newer challenges here today include ever-more-sophisticated ransomware; while this security challenge has been a prevalent risk for over a decade, today this attack vector is increasing in sophistication, with threat actors utilizing AI-assisted coding to augment their capabilities writing, testing and debugging code.
Threat actors are also pivoting to use AI-assistance for sophisticated phishing and vishing (short for voice phishing) and technology is being leveraged for identity theft via deep fakes, looking to bypass the security offered via traditional measures to prevent social engineering attacks. Finally, AI-assistance is expanding the range of exposed vendor vulnerabilities while decreasing the time to exploit these vulnerabilities.
For many, a new year is a time to make resolutions. Make a resolution – and keep this one - to be vigilant. Take the time this year to make cyber hygiene part of your routine.