Cyber security tips from student owned BaraSOC
Published: 30 Oct 2020
In 2020, CIT students banded together to launch BaraSOC, a cyber security company. They have a strong focus on helping the community prepare for challenges in the digital world. We asked founding member Greg Haroon about these challenges and what can be done to stay protected.
What are some of the current major issues for individuals and small businesses in terms of cyber security?
Awareness and alertness are important. You need good general knowledge about cyber security. You then need to apply that knowledge routinely and rigorously. We recommend authoritative online information sites, such as the Australian Cyber Security Centre for guidance.
There is no shortage of malicious people active in cyberspace, so try to stay on your guard. Unprompted messages are suspicious until their authenticity is confirmed.
Cyber hygiene is critical, much like physical hygiene during a pandemic. Use strong passwords and keep them secure; update software to keep it current, particularly antivirus software; use network firewalls and multi-factor authentication; and apply a regular schedule of backups.
What can people do to protect their personal information?
Use anti-virus software and spam filters to minimise unwanted messages and maintain caution and vigilance with unprompted messages. Consider cyber hygiene issues and consistently implement measures that are most relevant to your online activities.
Every business, large or small, needs at least one cyber security champion who will review relevant factors and advocate improvements, such as an access control plan for all employees. By using basic awareness training, plus periodic reminders and refresher sessions, try to make online thoughtlessness unthinkable.
What are some of the main mistakes people make in terms of their own cyber security?
Possible mistakes include, operating an online device in a state of reduced awareness and alertness; recognising security vulnerabilities, but deferring remedial action; and implicitly or explicitly using the "too hard basket" as an escape clause.
What are some of the main obstacles people face when setting up protections for their data?
For some it is fear of technical jargon and geekspeak. There are many online sources that promote a "common sense" view of the topic. For others it is limited resources available, like money, time or expertise.
Defenders may lack relevant knowledge or interest, while attackers may be extremely knowledgeable and enthusiastic. To defeat dedicated and determined attackers, you need dedicated and determined defenders.