I know that people online might not be who they claim to be.
Assessing The Risks That My Family Can Face In Cyberspace
Today, we are living in a digital age where most people, especially our families and friends, interact, communicate, exchange information, do business, and even play games together via the internet.
Having our devices connected to the internet, and being exposed to the new technologies such as social media platforms, online games, e-commerce, e-banking, e-learning, in addition to other cloud-based and communications services, expose our families and beloved ones to a different level of cyber risks, especially if they are not equipped with the right knowledge to assess the risks and identify the threats and vulnerabilities in addition to their impact.
In general, risk is assessed according to the following formula: Risk = Likelihood * Impact.
The following definitions clarify what we do mean by each of the formula’s factor:
Cyber Risk: is the probability of being exposed, affected, by a cyber threat (virus, worm, hackers …) or being exploited by a vulnerability within your IT systems or infrastructure (system not patched, outdated antivirus, weak password, privacy settings not set, …) Cyber risks may result in data or financial loss, reputational damages, and sometimes such damage might be higher than that and might lead to physical, mental harm, or even death.
Impact: is defined as the level of harm or damage, that might affect you and your family, further to being exploited by a vulnerability and /or a threat, for example; data leak, identity theft, privacy breach, …
Likelihood: in order to assess your family cyber risks, you need to understand and evaluate their likelihood of being affected by cyber threats and/or vulnerabilities at a first stage, in addition, to compare the length of their exposure to the connected world and their technical know-how of the existing tools to identify and mitigate these dangers. Thus, the likelihood value is calculated based on the following factors: threats, vulnerabilities, exposure, and mitigation measures.
Cyber Threats refer to any malicious code (virus, worm, phishing, …) or actor (hackers, criminals, predators, hacktivists…) that can exploit your digital weaknesses/vulnerabilities to cause harm to you and your family.
Vulnerabilities include any weakness in the system configuration and applications, in addition, the knowledge and capabilities of your family members to secure their digital devices and online presence. Vulnerabilities can expose you and your family to different types of risks. Thus, a vulnerability assessment is essential to identify your family's weaknesses and strengths in protecting their online presence.
Exposure is the frequency and duration of being connected and present online. Long periods of connectivity and presence online increases the likelihood of being targeted.
Mitigation measures are the measures and tools that you may use to limit, control, and protect your family digital assets, like firewall, antivirus, etc. in addition to your family online presence policy and their knowledge to assess digital threats.
Vulnerability assessment is the process of identifying risks and vulnerabilities in applications, networks, systems, computers, mobile devices, or any other digital equipment within the information technology ecosystem. This process allows you and your family members to analyze, identify, and prioritize vulnerabilities’ risks for potential remediation in the proper context.
Vulnerabilities assessments give you and your family members, the ability to identify and set up a clear plan, to decrease or eliminate potential risks, that might result from different vulnerabilities within your technology assets and infrastructure.
Family technology assets inventory
To be able to better identify and calculate the attack surface and to have an accurate vulnerability assessment report, it is mandatory to have a real-time inventory of all IT assets, IoT, cloud-based application, social media and email accounts, in addition to any other 3rd party systems which you might be using like internet routers.
How do I assess the risks that my family may face in cyberspace?
Assessing your family risks in cyberspace is not a straightforward exercise.
It is affected by a bunch of factors that you need to get yourself familiar with as a first step.
Thus, the objective of this article is to equip you with the knowledge on how to assess and limit the impact of a risk your family might be exposed to, such as identity theft of your daughter’s Instagram account due to weak password, or even a data leak for some personal photos that are stored on her Facebook page, due to wrong privacy settings; Or even being exposed to other risks such having all your family computers infected by a worm because your antivirus systems are out of date.
Today, being connected to the digital world is a necessity for all our family members, even the youngest one, therefore ensuring their online safety is a must, as being connected alone brings a bunch of risks.
Accordingly, being connected for a long period, owning a long list of digital devices, being subscribed to multiple social media and digital platform make you and your family susceptible to a wide range of attack methods, and vulnerabilities, which creates a wide attack surface, starting from a simple weak password exploit to a phishing attack or even to a very sophisticated one.
Thus, mapping your family digital assets, their online duration, behaviors, and know-how, will give you a clear idea and help you in developing your risk assessment as well as prioritizing your corrective and mitigation measures, such as:
Remediation action plan for all identified threats and vulnerabilities, (software patching, antivirus updates)
Hardening your social media, emails and bank accounts (enforce privacy settings, multi-factor authentication, single password per platform)
Equip your family members with the necessary online safety knowledge/p>
Set a family online presence policy
Limit online data sharing
Secure and encrypt your family sensitive data.