Veil of Security: The Individual

e often shy away from discussing difficult topics that make us feel deeply uncomfortable, whether it's controversial issues, life insurance, or the unsettling experience of being digitally violated. "Never talk religion or politics," they say. I've never understood this adage and why we avoid the most meaningful conversations in life, instead opting for small talk about the weather. By keeping the darkness hidden, we allow it to fester, leaving ourselves vulnerable to the very dangers we refuse to acknowledge. Yet by acknowledging our vulnerabilities we destroy the foundation on which these uncomfortable topics stand on, while putting ourselves in a stronger position to react positively to the discussion.

Social Manipulation: The Rising Threat

Even though discussing incidents of fraud and attacks on your identity are never an easy thing, it is becoming increasingly important to do as we live in an era of unprecedented technological advancement. This era is not only challenging how we approach our traditional institutions but also has the potential to drive the financial and societal toll of cybercrime to new all-time highs. In 2023 alone, over $10 billion was lost to fraud representing nearly a 14% increase from the previous year—and that's just the reported cases. [1] And still, this total does not account for the potential harm that could be caused as, year after year, our sensitive Personally Identifiable Information (PII) continues to be compromised. Each breach adds to an ever-growing threat, with compromised PII being exploited in increasingly sophisticated and targeted cyber-attacks, amplifying the potential damage far beyond the initial financial loss.

Putting Our Heads in Digital Sand

The incident of the background-check service National Public Data (NPD) is a great reminder about the importance of proactive preparedness and why we can't afford to keep our heads in the digital sand. Starting from December of 2023 and continuing to the Summer of 2024, a group of hackers compromised sensitive PII held by NPD, which is estimated to amount to the entirety of the United States population with 2.9 billion records compromised. [2] According to a complaint filed in the US District Court for the Southern District of Florida, the group listed the database for sale at $3.5 million. [3] This breach among the many others in recent years, exposes the urgent need for greater individual awareness, education, and increased conversations about how we can protect ourselves in a time when "trusted" companies fail to protect our sensitive information.

False security is worse than insecurity. It can lull you into a fabricated sense of safety, leading to greater risks.

As we stand at the crossroads of innovation and vulnerability, the question before us is simple: will we continue to walk blindly into the digital future and expect corporations to fully protect our data, or will we take proactive ownership and steer toward a more secure horizon? By embracing the uncomfortable conversations we often shy away from, we can illuminate the shadowy waters where these threats reside and move from a reactionary state to crafting a culture where security is not an afterthought, but a foundation.

Top Five Essential Security Tips

1. Situational Awareness: Criminals will target and attack at vulnerable and/or busy times of life. Ask yourself "Is this situation normal?" "Is it invoking a sense of fear or doubt?"
2. Password Hygiene: Create passwords that are at least 15 characters long, enforce multi-factor authentication using an app or hardware token, and consider using a password manager.
3. Back-up: Ensure that all your physical and digital documents are regularly backed up in a secondary location separate from the original source.
4. Self-Assessment: See "Challenge" for ideas.
5. Careful What You Click: Be cautious when clicking on links, downloading documents, or opening files. Always verify the source whenever possible.

• Bonus: Freeze your credit when it’s not needed, and consider freezing your child's credit until they turn 18. [Learn More]

Challenge:

Perform a self-assessment to determine your overall security posture. Questions to consider:

1. Are you reusing passwords and email addresses across multiple accounts?
2. What type of information is posted and public on social media (in particular LinkedIn)?
3. What comes up when you search your name on Google and other search engines?
4. Where do you store sensitive information? Locally on computer, cloud services, online accounts, etc.
5. Is you data fully backed up and where to?
6. What other security measures are you taking to protect yourself online and physically?
7. When do you find yourself most distracted during the year? Are there specific times when your online presence increases?
8. Who in your family might be unfamiliar with these topics and potentially the most vulnerable? Share these key tips with them.

[This article is part of the 'Veil of Security' four-part series]

• Veil of Security: The Individual - 8/26/24
• Veil of Security: The Corporation - Oct. 2024
• Veil of Security: The Audit Firm - Dec. 2024
• Veil of Security: The Coming Attraction - Jan. 2025