Off Topic
Market News & Data
General Info
Real Estate Strategies
Landlording & Rental Properties
Real Estate Professionals
Financial, Tax, & Legal
Real Estate Classifieds
Reviews & Feedback
Updated 19 days ago, 12/09/2024
Let's talk Cybersecurity!
Hello Bigger Pockets community!
Nice to meet you finally after years of listening to the podcasts and YouTube videos. This is my second step into this world.
Quick introduction about me:
I'm 28, I live in a small town in Quebec, Canada. I haven't done any deal yet. I don't have the time or the financial means at the moment for that. I'm working full-time, but also studying full-time. I'm finishing my bachelor degree in cybersecurity this December 2024 and celebrating with a baby due January 2025.
The goal of this post is not to make you an expert in the domain, but rather to spark your interest and invite you to re-evaluate your situation.
First of all, what is Cybersecurity?
According to dictionary.com, cybersecurity is defined as:
- 1. precautions taken to guard against crime that involves the internet, especially unauthorized access to computer systems and data connected to the internet.
- 2. the state of being protected against such crime.
It is a very generic definition, but it's not too far from the truth. For the full definition see the NIST website : https://csrc.nist.gov/glossary/term/cybersecurity.
Simply said, cybersecurity is protecting yourself or a business against threats in the virtual environment.
Second: Why is it important?
If cybercrime industry was a country in 2021, it would have been the world's third-largest economy after the U.S and China, totaling a 6 trillion USD in inflicted damages. Estimated to reach 10.5 Trillion by 2025. - 10guards.com: https://10guards.com/en/articles/cybercrime-as-empire-wou...
These numbers should scare you a little. They're scaring me... a lot.
Of course, we're only hearing about the worst cases in the news. Like the Colonial Pipeline incident in 2021. Sometimes about romance or investment scams.
But the real threat is everywhere. And might be everyone, like your employee, your mother, your friend or even yourself.
Human is, and will always be, the weakest link of your defense line. For a simple reason, we have emotions. Therefore, we can be manipulated or our judgement can be affected by anything that happened during the day.
It's called social engineering and it has multiple variants. One of those being Phishing. Think of fishing, and it's somewhat the same. Instead of using a fishing rod, they're using an email with a fake links that steals your username and password. Oh and... You're the fish.
They often use a mix of fear, threat and urgency to push a target to act.
It can be as simple as a 24 hours sale from your favorite shop that requires you to log in to your account first or your boss asking you to wire money right now or he/she/they will lose an important contract that will cost millions.
So cybersecurity is important because without that, you might have an incident that can cost a lot of money, impact your reputation and might affect your credit score. And yes, it might impact you even if you're not a business. It can impact you personally and your family. (See what i'm doing here? Talking about family to create fear and use that to get you to take action on your cybersecurity.)
Lastly, What can you do to protect yourself?
I have found a well-made checklist for you to go through: https://www.nar.realtor/law-and-ethics/cybersecurity-checkli...
I'd like to emphasize on some point though.
Section A:
- These are non-negotiable. Everyone should do all of these for work or personal usage.
- Before choosing a password manager, you should do some research on it. A good password manager should not have had any breaches. (How good is it if your password are leaked?). I like Bit Warden, but I encourage you to look around for what fits you best.
- MFA. It's easily the number 1 savior i've seen in multiple of my clients. It is annoying, 100% agreed. But it warns you of a connection happening to your account, and that simple prompt is often the last barrier before the attacker gain access to your email or business environment.
Section B:
- Patches are important. Do all of them. That's how security issues gets fixed. A fix will only be made if a vulnerability is found. Why fix it if it's not broken, right?
- Don't click links or files if you're not expecting it or if you feel pressured to do it. Call the person first and validate.
- I do believe having multiple backups is ideal. If you are a business, 3 backup is best. 1 Local (in your business environment, like a back up server.), 1 stored in a cloud environment (and secured) and 1 off site. For personal computers, I only use an external hard drive.
- Not all antivirus are the same. Again, do your research. Just a heads up: Windows Defender, the basic one installed on your personal computer, is good enough for personal usage. It's even better than some other brands. I would recommend to look into something more powerful for business/corporate usage.
Section C is not my expertise, but I would recommend to follow the law and have strong security policy such as minimum password requirements and regular changes.
To end this on a positive note, Cybersecurity is slowly moving to the forefront of business thinking and it's taken more seriously now than 10, 20 years ago. We're making progress.
Thank you everyone, be safe out there on the World Wide Web. Let me know what you think of this post and don't hesitate to ask questions!
TLDR;
Cybersecurity is protecting yourself or a business against threats in the virtual environment. Cybercrime as a country would be the third largest economy after US and China. Phishing is the number one attack vector and is successful because humans have emotions and can be manipulated. Visit https://www.nar.realtor/law-and-ethics/cybersecurity-checkli... for a nice checklist to improve your cybersecurity posture.
Interesting links:
Other resources:
CISA: https://www.cisa.gov/
Microsoft: https://support.microsoft.com/en-us/windows/protect-yourself....
Statistics:
AAG: https://aag-it.com/the-latest-cyber-crime-statistics/
Cobalt: https://www.cobalt.io/blog/cybersecurity-statistics-2024