National Cyber Security Awareness Month is coming up in October.\u00a0 Its goal is to raise awareness about cybersecurity and increase the resiliency of the nation in the event of a cyber-incident.\u00a0 With that in mind, here are five tips for consumers which I hope will spur thinking and discussion about how to protect your digital assets as a business would.\n\n\nSo many of our everyday consumer business processes -- finance, healthcare, etc. -- are now online.\u00a0 They\u2019ve become de-facto mission critical computing processes. We need them constantly accessible, available and secure.\n\n\nWith the stream of hacking incidents hitting the headlines such as the recent attacks on Home Depot, iCloud, and Target, together with various \u201ccredential dumps\u201d, it\u2019s time for consumers to get more serious about how they manage their cyber accounts.\n\n\nIt\u2019s time to treat your electronic assets as a business would. This means understanding your digital footprint, prioritizing your most sensitive assets, implementing higher levels of protection for those assets, getting more disciplined with regard to backups, and having a business continuity \/ disaster recovery (BC\/DR) plan ready to go ahead of time. So here\u2019s five tips to help you get started:\n\n\n1 \u2013 Take inventory of your digital footprint\n\n\nYour digital footprint is large and cannot be erased. While there are emerging features in social media related to disappearing posts where you get to schedule the deletion of your posts in advance, there\u2019s no global delete button that you can press to erase your digital tracks. Any attempt at this would need to be done one web site at a time and would be incredibly difficult, time consuming, and likely only marginally successful.\n\n\nWith your information scattered everywhere, it\u2019s important to think about what valuable information you have where. For example, how many web sites are storing your credit card info? How many have an up-to-date card number and expiration date? Where do you have important documents, files, and videos across the web? You can start by making a list in a spreadsheet and noting the types of sensitive data associated with each site. If there are particular sites that you no longer use, you may also want to delete your account profiles there.\n\n\n2 \u2013 Prioritize your most sensitive accounts \n\n\nOnce you\u2019ve taken inventory, and done some housekeeping, you can now prioritize the most sensitive accounts and ensure you\u2019re elevating your security levels in those key areas to the highest levels available. You can prioritize your accounts by the sensitivity of the data such as personal financial information, personal health records and so on. An easy scheme might be a classification of low, medium, and high for the levels of data sensitivity associated with each site.\n\n\nTo make the classification, think about your sensitive data such as financial and health information, but also how much of an issue it would be if your particular account got hacked and someone had access to this information and could alter the data, make fraudulent charges, or even steal your identity.\n\n\n3 \u2013 Set the strongest possible access control and authentication for these priority accounts\n\n\nFor these priority accounts, go through one by one and elevate your security and privacy settings. This means setting stronger passwords, changing your security questions, moving to higher levels of authentication where available, and higher privacy settings. You\u2019ll also want to change your passwords more frequently for these accounts.\n\n\nAccording to Apple blogger, Jonny Evans, when changing your security questions, \u201cthe answers just need to be memorable, not accurate\u201d. This will help to prevent incidents like the recent iCloud attack where the responses to the security challenge questions were easily guessed as one component of the overall attack method.\n\n\nWhere available, you should also set two factor authentication (2FA) for applications such as online banking, iCloud and so on. 2FA involves \u201csomething you know\u201d (the first factor) and \u201csomething you have\u201d (the second factor). The \u201csomething you have\u201d is often a verification code that\u2019s sent to your smartphone via SMS. Many new smartphones also offer biometric authentication which is even better since it relies on \u201csomething you are\u201d - your unique biometric such as a fingerprint.\n\n\n4 \u2013 Keep up to date with security patches, use caution when providing information online, and back up your data regularly\n\n\nIt\u2019s important to keep your operating system, browser, and other critical software up to date with the latest security patches to minimize threats from viruses and malware, and also limit the amount of personal information you post online. Watch out for retail sites that hide monthly subscriptions in their fine print, so you don\u2019t sign up for more than you bargained for.\n\n\nThe DHS\u2019s Stop.Think.Connect campaign has some good general tips regarding safer online habits. In addition, you\u2019ll want to back up your data on a regular basis either via an online service and\/or offline to an external storage device. Scheduling this backup automatically can help to ensure a regular cadence.\n\n\n5 \u2013 Have your personal \u201cBC\/DR\u201d plan ready to go ahead of time\n\n\nIt\u2019s important to keep an eye on your accounts to watch out for suspicious activity. This isn\u2019t just related to bank accounts, but applies to other online services which can be hijacked such as international calling plans with automatic top-ups from your debit card. If the hackers can guess your PIN, they have unlimited calls around the world until you figure out the breach and turn off your automatic top-up setting. If you discover a problem with one of your accounts, it\u2019s important to pay close attention to your other accounts as well.\n\n\nJust like a business, your personal business continuity \/ disaster recovery (BC\/DR) plan should help you continue your \u201coperations\u201d in the event of an adverse physical event, or if your accounts get compromised via cyber theft. Your plan should help you continue to operate \u201cbusiness as usual\u201d and recover your access. Keep a list of important numbers to call in the event of identity theft and a list of your credit card numbers in case they\u2019re stolen. It\u2019s good to have a paper copy of this information and well as a copy on your smartphone so you can report lost or stolen cards immediately. Of course, don\u2019t keep your PINs with your cards, and don\u2019t create PINs or passwords using information that can be guessed easily.\n\n\nThe good news is the banks are getting far more efficient with remediation. After the Home Depot incident, my bank notified one of my family members right away and within 24 hours he was able to get a new, embossed, debit card printed at the local branch a couple of miles away with no need to wait 5 days or more for the postal service to deliver a new card via mail. This kind of \u201cinstant issuance\u201d technology in terms of card printing has been around for several years, but is finding even more value in light of rapid response to cyber-attacks.\n\n\nCybersecurity is everyone\u2019s responsibility\n\n\nIn our latest Security Index, we found that credit and debit card fraud topped Americans\u2019 security concerns in 2014, against the recent backdrop of major retail and banking security breaches (Disclaimer: I work for Unisys). We also found that 60 percent said a security breach involving their personal or credit card data would make them less likely to do business at a bank or store they commonly use.\n\n\nWith the rising number of successful attacks against high-profile targets, it\u2019s now not a question of if you\u2019ll get hacked, but when. Cybersecurity is everyone\u2019s responsibility. As I discussed in a prior blog, the nature of the cybersecurity threat is evolving, but many attacks are also successful due to simple lapses in applying common security controls. Businesses can do more to implement robust security practices and so can consumers. There\u2019s no magic fix, of course, but the more safeguards the better.