Post

To live is to risk it all

Posted
By Ryan Aspden 5 min read

This is not me phishing for complements

“To live is to risk it all” — Rick Sanchez

Risk is an unavoidable part of life. Whether you’re driving to work, enjoying a steak sandwich for lunch, or riding your bike with the kids on the weekend – everything you do carries some level of risk.

That doesn’t mean you should avoid risks altogether. Driving a car has its dangers, but it also provides freedom and opportunities. The key is to manage those risks with simple precautions – like wearing a seatbelt, maintaining a safe following distance, and choosing a car with a five-star safety rating – so that the benefits far outweigh the potential dangers.

The same principle applies to using computers and browsing the internet. There are risks involved, but by taking a few simple, practical steps, you can significantly reduce your chances of falling victim to a scam and minimise the impact if you do – and don’t feel bad, at some stage everyone falls for a scam.

In this post, part of my #CyberObservability series, I’ll walk you through three straightforward actions that will help keep you safer online, and eliminate 99% of those scams facing folk like you and I:

  1. Password Safety.
  2. Device Safety.
  3. Scam Awareness.

Password Safety

Your passwords are the first line of defence for your online identity. While they safeguard your accounts, they also represent a significant security risk. So, how can you manage them effectively?

Enable Two-Factor Authentication (2FA) everywhere

Whenever a service offers two-factor authentication (2FA), turn it on. This adds an extra layer of security by requiring a second step to verify your identity when logging in. The second factor could be a code from an authentication app on your phone, or a one-time code sent via email or SMS. Not all 2FA methods are equally secure, but any 2FA is far better than none. 2FA significantly reduces the risk of unauthorised access, even if someone gets hold of your password.

Use long and strong passwords

A longer password is significantly harder to crack, no matter what characters it contains. Modern hacking tools can instantly break an 8-character password, but a 10-character password could take hours, and a well-structured passphrase could take centuries.

The best approach? Use a passphrase made up of multiple words that are easy for you to remember but difficult for hackers to guess. Use a tool like useapassphrase.com to generate strong yet memorable passphrases. XKCD has a great visual explanation of this concept: XKCD Password Strength.

Use a Password manager and unique passwords for each account

A password manager is an app that securely stores your passwords, acting like a personal vault. It saves your login details and fills them in for you when needed. The only thing you need to remember is a single (strong) master passphrase.

Why is this important? Most folks reuse passwords across multiple sites – I know I once did – making them vulnerable. If just one of those sites is breached, hackers can easily try the same credentials on other services. A password manager allows you to use a unique, random password for each account, eliminating this risk. Some trusted password managers that I’d recommend include Bitwarden and 1Password.

Device Safety

Your devices — whether it’s your computer, laptop, tablet, or phone — are your gateway to the digital world. Keeping them secure is essential. Here’s how:

Enable automatic device lock

Set your device to lock automatically after a few minutes of inactivity. Require a PIN, password, or biometric authentication (fingerprint or facial recognition) to unlock it. This prevents unauthorised access if your device is lost or unattended.

Keep Software & Security Updates Turned On

Ensure automatic updates are enabled for your device’s operating system and apps. These updates fix security vulnerabilities which are uncovered each month.

Remove Unused Apps

Regularly review and uninstall apps you no longer use. Abandoned or outdated apps can become security risks, especially if the developer sells them to a scammer who injects malicious code.

Be Cautious About Software & App Downloads

Only download apps from trusted sources like official app stores, and avoid installing software from unknown websites – malware often hides in deceptive downloads.

Additionally, ignore pop-ups or unexpected alerts pressuring you to install something. If in doubt, ask a trusted friend or family member. Always research the software before installing it.

Scam Awareness

If the first two areas focused on technology and processes, this one is all about you – because, in some way, shape, or form, people are always the target of cyber scams.

New scams appear daily across social media, email inboxes, and messaging apps. While you don’t need to become a cybersecurity expert, it’s crucial to stay aware of the latest threats on the platforms you use.

How Can You Stay Informed? There are plenty of resources available to help you stay ahead of scammers:

  • PodcastsHacking Humans is a great weekly listen, and a very approachable podcast.

  • YouTube Channels – There are many videos that break down scams in an easy-to-follow way.

  • Websites – Websites like NetSafe provide a treasure trove of up-to-date scam alerts and advice.

Find a format that works for you and make it a habit to stay informed – a little awareness can go a long way in keeping you safe online.

Wrapping it up

Again, risk is an unavoidable part of life, but it’s also a part of life that can be managed. Be sure to take you online well-being into your hands and ‘own your online’.

Lastly, be sure to follow the tag #CyberObservability to explore all articles in this series.

Cybersecurity, Risk Management
cybersecurity risk management cyber observability
This post is licensed under CC BY 4.0 by the author.