You can apply the threat landscape concept used in enterprise security to yourself to make it easier to stay protected.
If you try to protect yourself against all the threats in the world, you will soon run out of energy and make your life unbearable. Three-factor authentication here, a twenty-character password with musical notes and Chinese characters there, different browsers for different websites , and abstinence from social media don’t exactly sound right for life.
What hurts the most is that using virtually all of these security measures won’t help protect you against all threats: new ones keep appearing, requiring new protection methods. Meanwhile, most new security layers reduce usability: having two-factor authentication will never be easier than not having it. And that is the least hateful example. So what can you do? Create your own threat landscape, as companies do when designing their security processes, and protect against only those threats within that landscape.
What is a threat landscape and what does it have to do with you?
In the field of corporate security, a threat landscape is the set of cyber issues that threaten a company in a certain industry within a certain period of time. It includes vulnerabilities, malware and ransomware groups, as well as the techniques they use.
An overview of the threat landscape helps define what exactly the business needs to protect against. Some threats will be more pressing than others, depending on the company’s location and activity. And since a security budget always has its limits, as does the number of security personnel, it makes sense to protect against truly relevant threats.
Why not create a threat landscape like that and base your own personal security strategy on it? This way you will avoid having to carry multiple layers of protection and you will be able to continue using the Internet with some comfort.
Build a personal threat landscape
Every individual, like every company, has their own threat landscape. Whether you use TikTok or Instagram or have a password manager or not influences which threats are most relevant to you. Many other factors also influence, such as where you live, what operating system you have on your computer, what instant messaging applications you use and who you correspond with through these applications.
That said, all of these personal threat scenarios have certain elements in common, as we all live in the 21st century, we all use computers and smartphones, and we all browse the Internet. Therefore, for the purposes of this discussion, a personal threat landscape can be divided into common and individual parts, with the common part being mostly applicable to everyone, and the individual part being determined by the person’s particular situation.
The common part of a threat landscape
If you are a regular reader of this blog, you will have a rough idea of the most frequent and relevant types of threats regardless of the country of residence. First of all, these are phishing , data leaks and various scams . Every person needs to keep themselves protected against these.
The best protection against phishing is learning how to detect it. To do this, you must do the following:
- Find out what phishing is ;
- Get an idea of the main tricks that phishers use;
- Learn the typical signs of phishing , such as a suspicious sender address (pun intended), suspicious links, etc.
Protecting yourself against data leaks is more difficult, since in most cases it is not your fault, but rather some service you use. Since each of us uses many services on the Internet, from social networks to online stores , and from insurance companies to delivery services , it is difficult to control each of them.
You generally need to be prepared for breaches, while any of Kaspersky’s new products with a data breach alert feature can help you monitor data that’s relevant to you. Monitoring is undoubtedly a good thing, but what about the data that is leaked? Well, this is something you can only answer: change passwords quickly, block your bank cards if necessary , and be aware that the fact that they address you by your full name in an email signed with the name from your personal account manager is no guarantee that the email actually comes from your bank. The bank’s database may have been leaked and used by scammers for phishing.
Finally, there are many types of scams in the world, which differ significantly between countries. Still, they have common characteristics. As with phishing, knowledge is your best protection. Therefore, keep reading our blog to learn about different types of scams and critically analyze everything that is too good to be true or seems dangerous and demands an immediate response from you : Scammers usually play on human greed or try to put their victims under stress to make them nervous and make them lower their guard.
Phishing, data leaks, and scams are the three most common types of threats that are relevant to everyone. Next, we’ll look at the individual part of a threat landscape, which depends on who you are and your online habits.
The individual part of a threat landscape
To create a personal threat landscape, you first have to introspect and analyze yourself and your habits. What websites and instant messaging services do you use? Do you have your own work phone? Do you work from home or from an office, and what computer do you use?
Next, based on your answers to the questions above, you can begin to create a threat landscape and relevant security measures simply by going through the list.
Let’s say you are an active social media user. In this case, you must protect yourself against account hacks , ban attacks and account hijacking ( Instagram , Facebook ). You should also set the appropriate privacy settings on Instagram , Facebook , TikTok , and Twitter .
The state of privacy on specific social networks, such as Vivino (for wine lovers) and Untappd (for beer lovers), is pitiful: your alcoholic discoveries are visible to anyone by default. If you’d rather not share your weekend binge with the world, be sure to set up these apps to keep your wine or beer adventures your little secret.
Or, let’s say, you are an avid gamer and Steam user. If so, you need to protect yourself from Trojans that steal user accounts and from scammers who have their own systems to carry out this type of activity. What can you do about it? Learn about Steam scams and configure the service’s security features .
Let’s say you are a blogger or the owner of a popular Telegram channel. Well, your biggest threats are account theft and doxing , the latter more commonly experienced by women . What can you do about it? Learn how accounts are often hijacked and get a reliable security product to neutralize Trojans and alert you to phishing and personal data leaks.
Even if you decide that you are no longer interested in social networks or games, do not leave your accounts hanging, unattended: they could be hacked and used against you by accessing your personal data. The worst thing is that you won’t find out soon, or ever. Therefore, we recommend that you consult our guide on how to manage accounts you don’t use/need .
Many naively believe that they can only encounter cyber fraud in their personal space, while at work is secure and monitored by trained professionals and generally no place for scams or phishing! Nothing could be more wrong. If you’re looking for a job, you could be the perfect target for scammers . If you’ve recently started working at a new company, keep your eyes peeled for fake coworkers. If you work remotely or use a personal computer for work, configure your workspace so that it does not harm your employer and research what software you should not use for work .
Finally, be especially careful if you are a cryptocurrency investor: since cryptocurrency transactions are not protected by laws, it is essential to choose the right storage strategy . Remember that even cold wallets can be hacked , you should take all measures to secure your wallets, private keys and seed phrases .
However, even those who have covered all the bases , installed a reliable program to store passwords and personal data , and protected all possible accounts with two-factor authentication , should think in advance about what they would do if their smartphone with the authenticator app crashed. broken, lost or stolen. Check out our tips on how to back up an authenticator app or try to recover it if you’ve lost your phone before you can make a backup.
Conclusion
This is how you build your own personal threat landscape: review every area of your cyber life. Although it sounds sad, the last step in creating a threat landscape is to make a digital will .
By designing your own personal security strategy around your own threat landscape, you’ll get it done faster and keep things simpler by trying to protect yourself from everything at once. Naturally, you will need knowledge of cybersecurity and online privacy to be successful at this. Subscribe to our mailing list to receive new posts and study threats that belong to your personal threat landscape. Our security solutions can help you neutralize these threats, control data leaks, and store personal data securely.