Cybersecurity and Our Personal Data

When there’s a breaking story about a cybersecurity breach, it’s often related to hacks, data breaches, ransomware attacks and more that impact businesses and public entities. Health care providers and telecoms are among those entities.

Government-backed/state-sponsored hacking is also a fact of life. The conflict in eastern Europe has been unfolding on the ground and in cyberspace. As well, a figurative army of civilian hackers and hacktivists has been taking action against Russia since it first invaded Ukraine. This year, Costa Rica has also been on the receiving end of cyber-attacks. The government was compelled to take public health services offline and close some healthcare facilities after attacks in April, and a late May ransomware attack resulted in a closure of the government agency that administers social security for Costa Ricans.

We don’t necessarily hear as much in the news about breaches of personal data. Yes, we may experience concern when we hear of customer and client data being breached, yet we tend to think of such matters as beyond our control. In fact, individuals experience personal data breaches all too often – and we aren’t necessarily aware of breaches when they occur. I speak about cybersecurity at conferences and onsite for employers, and it’s a rare event when at least one or two people don’t come up to me after and discuss personal data breaches they or their family members have experienced.

On my Exceptional EA website, I ask readers about career and other experiences through what I call my Weekend Polls. When I last asked about cybersecurity and personal data, in 2021, 13% of respondents said they were aware of cybersecurity breaches having occurred with their personal hardware. More than one in three people, 37%, said they were aware of at least one of their social media accounts being hacked. A whopping 93% were aware of someone else’s social media accounts being hacked.

In the days when much of our mail came through a post office, we’d have been unsettled if envelopes arrived opened and with indications someone else had been privy to our personal correspondence and information. Just last year, 37% of respondents to the Weekend Poll mentioned above told me they were aware of at least one of their email accounts being hacked.

While we aren’t in a position to do much about cyber attacks on retailers, hotels, telecoms, social media platforms, health care providers and so on, our knowledge that such attacks occur points us to one of the most important things we can do to protect our personal data. We can and should be increasingly thoughtful in how we use passwords.

Knowing our password may be among the data breached in a cyber attack on a business or some other entity with which we deal, it makes sense to use different passwords for different accounts. We’re human, though, and we have a lot of passwords. While 30% of respondents to my last cybersecurity poll said they use more than three dozen passwords, many of us like to keep it simple. As a result, we may choose a single password or a small handful of passwords and use them over and over again.

We do have options. We can research and make use of a good password app that helps us manage our passwords. We can switch from using passwords to using pass phrases, turning to phrases – perhaps snippets from a song, or literature, as long as they wouldn’t be obvious to a hacker – we may more readily remember. Whatever we choose, we want to avoid making it easy for hackers to breach our systems. We’ve been hearing for years now that, just as we shouldn’t share our passwords with others, we should refrain from using family members’ or pets’ names, and dates that are meaningful to us. We know it’s helpful to use a mixture of capital and lowercase letters, and to substitute numbers or symbols for certain letters. How many of us, though, substitute a zero for the letter “o” and think we’ve done our bit? That may have been helpful when we first began such practices, yet this is now seen as an obvious substitution.

When it comes to passwords, please keep those you use in your personal life distinct from those you use in your career. Otherwise, should one of our home or business accounts be hacked, we’re potentially opening the door wide open for hackers to intrude on that other aspect of our life. The ramifications would not be appealing, and we don’t want those worlds colliding amid a cyber breach.

If you use social media, you may have seen friends share online games/trivia teasers. They seem harmless. If you’re tempted, though, to see what historical royal figure or cartoon character you most resemble, the personal traits you possess, or whatever else is involved, pause before you play. Read the terms, and consider what you’re releasing in exchange for this momentary bit of fun. When you do so, you’ll see it’s not uncommon to learn that “the game” will then have access to your public profile information. In an era when personal data is increasingly being commoditized, do we really want to give away such information to whomever/whatever unnamed entity is behind “the game”?

Apps are useful in our daily lives. As we prepare to download one, it’s worth investing the time to read or at least scan the privacy policy. Yes, we’re busy, and yes; those documents can be long. Shouldn’t that in itself make us curious as to the terms to which we’re agreeing?

If you’ve been traveling again, there’s more to consider than airline delays and luggage mix-ups. You may want to consider picking up a portable battery charger or power bank. You’ll certainly want to refrain from using airport charging stations for your hardware because, unfortunately, hackers have been known to modify them with USB connections that can download your data and install malware on your hardware.  

These are just some of the tips I offer to help keep personal data personal, rather than exposing it to hackers. Whether or not we’ve given much attention in the past to the possibility of our personal data being breached, there’s no time like the present to ensure we’re aware of potential risks and steps we can take to mitigate those risks.

About the Author:

Shelagh Donnelly educates and inspire assistants on topics ranging from meetings and minutes to business acumen, cybersecurity and working with boards. She helps assistants nurture their adaptability, productivity and resilience in order to enjoy the career and continue to add value even as roles evolve. An international speaker, Shelagh worked with C-level executives for more than 25 years and is recognized for her governance expertise. Shelagh founded her globally read Exceptional EA website in 2013, and is the author of the upcoming book, The Resilient Assistant.