Tips to stay secure online in 2023 and beyond
Senior Project Manager, TELUS Wise
In recent years we have seen a shift with people getting better at protecting themselves from cyber risks, yet we’re still not perfect. Oh Behave Cybersecurity Awareness Report 2022 revealed that only 78% of participants said staying secure online was a priority.
As we look ahead to 2023, what will the key security trends be? What do we need to do to protect ourselves, our families, our data and our identities? To answer those questions, we sat down with Leigh Tynan, Director of TELUS Online Security, to get her expert perspectives on how security will evolve in the new year, the continued influence of hybrid work, why people need to change their security “belief systems” and how people can stay more secure.
Q: As we look ahead to 2023, what are the biggest security trends to be aware of?
LT: The new year isn’t going to bring new trends. We will see a continuation and acceleration of trends that have been impacting the security space for some time. Identity continues to be under threat as cyber criminals become more sophisticated. According to the Canadian Anti-Fraud Centre, Canadians lost more than $490 million to fraud in 2022 as of November 30th. A 2021 survey done by Chartered Professional Accountants of Canada (CPA Canada) found that 73% of respondents received fraudulent requests, and 33% have fallen victim to fraud at some point in their lives.
The Internet of Things (IoT) and cloud security are introducing new types of vulnerabilities. People tend to think of these areas as business problems as opposed to issues that can impact us personally. But as we connect and network more devices than ever before – fridges, lights, thermostats, home assistants – we’re creating doors that an attacker can use to gain access. While these systems don’t necessarily store sensitive information, their vulnerabilities and lack of embedded security make them prime targets as gateways to entry.
Q: Post COVID, what permanent changes have you seen in the security landscape?
LT: Two-factor and multi-factor authentication has become more common. Companies are embracing this security layer and requiring multiple credentials for access. It’s a very encouraging step because it does make it harder for cyber criminals to compromise your accounts. While it may seem like a pain, it’s important for us to embrace it as well.
Password managers are also a great tool to help you manage your unique and complex passwords. Artificial intelligence (AI) is becoming more prevalent in helping companies process data to predict threats. According to an IBM study, companies that use AI to detect and respond to data breaches saved an average of $3 million. Ironically though, cyber criminals are also adopting AI to find new ways to gain access. It’s an intensified arms race between hackers and security agents to stay ahead with the latest technologies and techniques.
Q: How does security change as the hybrid work environment evolves?
LT: According to an Angus Reid Group study conducted for NortonLifeLock, 70% of employers are allowing employees to use personal devices for work, but only 30% of those allowing it have a Bring Your Own Device (BYOD) policy in place. People are using their personal devices without any due diligence or parameters, which is scary. When the majority of people worked in the office, companies could control the environments with policies, VPNs (Virtual Private Network) and computer security. But now companies need to think about educating employees about building secure networks in their homes. For example, how does family sharing potentially threaten the corporate network? Companies need to ensure that employees have cybersecurity solutions in the home and on their devices. Hybrid work has created a broader definition of what security encompasses. Security now must account for each home office and each team member, as well as the other factors (family members, unsecured networks, and the possible presence of digital smart assistants in home offices where confidential business meetings occur) that can impact corporate security.
Q: Where are people falling short most when it comes to security?
LT: People continue to believe, “it won’t happen to me.” Many people think they are safer than they really are. Mistakenly, people will say, “Oh, my bank will protect me if something happens.” But financial fraud is only one possible way of being compromised. Identity theft isn’t always about your personal bank account. A hacker could be using your identity to open other accounts and jeopardize your credit or use your healthcare benefits. Every company we interact with online creates a possibility for identity theft. TELUS Online Security can help you detect and prevent the threats for your devices, networks and identity. If something does happen, you have the tools and support to help you recover.
Q: Where is TELUS’ primary security focus right now?
LT: We are very passionate about educating Canadians about the steps they can take to protect themselves through programs like TELUS Wise and other initiatives. The more knowledge you have, the more steps you can take to keep yourself safe. We really want people to understand how simple it can be to stay safer. I like to distill it down to four key principles – inquiry, understanding, awareness and action. I am encouraged by how awareness continues to grow. People are starting to pay closer attention to their online safety and are beginning to ask the right questions.
Q: What are your recommendations to stay secure in 2023?
LT: Take sensible precautions. Use common sense. With anything you are doing online, remember that cyber criminals are trying to trick you to get your information. If you are asked to share personal information, think about who is asking for it and what they are asking you to share.
These are my top tips that you can integrate into your everyday life online:
- Trust your gut: Before taking any action, ask yourself: is it real? Is it legitimate? If something doesn’t feel right or seems too good to be true, it probably is. When in doubt, reach out to the person or the company to confirm using contact information found on their website (not in the email you are questioning).
- Use two-factor authentication: Embrace it. It’s there to protect you. It’s a simple way to deter cyber criminals.
- Use a password manager: This tool simplifies the process of creating and remembering unique, complex passwords.
- Be vigilant about phishing scams: Investigate! Look at the sender's email address. Examine closely and look for typos, inconsistency in the brand or incomplete email headers. Think twice before you click or input any data. If you’re unsure, verify.
- Have conversations with the kids in your life: TELUS Wise offers informative parent resources to help you talk to your kids about their vulnerabilities online, how to set clear boundaries and what they can do to protect themselves.
Q: Any final thoughts?
LT: No one is immune to threats online and potential identity theft. Use caution, common sense and cyber security tools to protect yourself. Our cyber safety begins with us. Layers of security are critical. It’s important to be able to protect, detect and recover. Free tools are out there. But tools like TELUS Online Security are affordable and more comprehensive. It all comes down to mindset. We can’t leave our identity, our most valuable asset, to chance. We must inquire constantly, seek to understand, gain awareness and act consistently.
In closing, although cybersecurity threats, identity theft and scams are becoming more sophisticated, the good news is that you can protect yourself by being vigilant and staying informed. Sign up for the TELUS Wise newsletter to stay up to date and Test your Cybersecurity awareness today.
There is more to explore
Emergency and Grandparent scams
Anyone who suspects they have been the victim of cybercrime or fraud should report it to their local police and to the Canadian Anti-Fraud Centre.Read article
Keeping kids safe online: the rules and responsibilities that come with smartphone ownership
To encourage ongoing dialogue with your child about internet safety, download a technology contract.Read article