Connecticut is the fifth riskiest state in the nation in terms of cybersecurity after Mississippi, Louisiana, California, and Alaska. States that rank after CT are Texas, New York, Missouri, Utah and Florida.
That’s the bad news. Sadly – there isn’t any good news but we try to be balnced so here are some interesting facts about the state…
- Connecticut is home to the first hamburger (1895), Polaroid camera (1934), helicopter (1939), and color television (1948).
- 1937, Connecticut became the first state to issue permanent license plates for cars.
- The first English settlers of Connecticut arrived in 1636, settling the plantations of Windsor, Hartford and Wethersfield.
Getting back to present times - some of the things that affected the ranking are keeping social media accounts private, reusing passwords across multiple accounts and relying on free antivirus software.
Americans in every state were overconfident. An astounding 88% feel they take the right steps to protect themselves. But remember, only 10% of people scored an A on our test, and the highest scoring state (New Hampshire) still only got an average of 65% (that’s still only a D).
While the average American has a surface level understanding of common cyber threats, there’s a lot of room for education. Many of those interviewed have heard of malware (79%), phishing (70%), and ransomware (49%), but few could explain them. Defending against the most common online threats in today’s landscape requires a basic understanding of how they work. After all, the more cyber aware you are of an attack such as phishing, the greater chance you have to spot and avoid it.
Along with understanding common cyberattacks, it’s also important to recognize threats to your online privacy. An alarming amount of Americans don’t keep their social media accounts private (64%) and reuse their passwords across multiple accounts (63%).
We broke the news last June that Connecticut’s Governor Malloy unveiled a cybersecurity plan for the state. The 41-page document acted as an excellent guide to keeping business and individuals secure. It explained cybersecurity is abusiness risk, not just part of IT. Also, Boards of directors and chief executive officers need to recognize how easy it is to penetrate and damage an inadequately protected business and lead the process of creating effective cybersecurity defense programs tailored to their companies. Another important point: Small- and medium-sized businesses need to be cyber secure in order to win business from larger companies that will select the more cyber-advanced competitor.
Simple ideas to improve cybersecurity are to keep computer operating systems and software patched. Ensure social media accounts are private. Be careful what you share. Be aware of phishing emails which can be used to hack your computer, network, bank accounts and steal your identity.
For businesses, other important things which must be done are as follows:
Regularly use a phishing simulation service like Phish360 to send fake phishing emails and train users who click.
- General Cybersecurity training must be done regularly.
- Auditing and documentation must be performed regularly to ensure systems are secure.
- Anomaly detection should be running constantly to detect threats as they emerge.
- Penetration testing shows if systems can easily be reached from the outside.
- Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.
Cybersecurity is part technology, strategy, science and competition. That last term may be surprising but it shouldn’t be. With millions of companies which hackers might want to hit and billions of users… If one individual or company is more secure than others, the hacker is likely to just move along to the next target.
Now is the time to get started and perhaps Connecticut can move up the rankings next year.