Unlocking the Power of Data to Change the World

As part of the Experian family, we’re excited to participate in their #ExperianStories campaign with a story of our own.

For more than 10 years, we’ve had the immense privilege of developing innovative solutions to help businesses and consumers address growing threats related to breach and identity theft. We started in 2006 with four founders and now have more than 180 employees, offices in four different locations around the globe, and products spanning both credit and non-credit identity monitoring solutions.

We believe that harnessing the power of data plays a critical role in protecting consumers, businesses and society against growing cyber threats. The identity protection services we provide to businesses mine the dark web to alert consumers to instances where their identity may be at risk, empowering them to respond quickly and mitigate the impact of identity theft. Our access to this data and intelligence allows consumers to take a more proactive approach to protecting their identity.

Beyond the technology services we provide, we also believe in making the world a better place in other ways: through our culture and our people. We’ve maintained a long-standing tradition of giving back to and supporting the community in ways that make a positive impact. In fact, it’s been core to our culture since we started the company and remains a central part of our mission. We offer a variety of service opportunities for our employees throughout the year and encourage them to get involved in with organizations and causes for which they are most passionate.

Throughout the last 10 years, we have partnered with fantastic local organizations like Lifeworks, Operation Blue Santa, the Sustainable Food Center, and Girlstart. Just last month, we spent an afternoon sorting, bagging, and wrapping presents for families in need for Operation Blue Santa. It was an incredibly moving experience and we were glad to play a small role in spreading some holiday cheer. We look forward to deepening our relationships with these organizations, and volunteering with others, in the year ahead.

We’re fortunate to have a company where our people are moved by the power of data and technology to change the world – and are ready to volunteer their time to make the world a better place. You can find out more about why giving back goes hand-in-hand with CSID culture on our site.

Join in on the conversation by sharing your story and tagging #ExperianStories and follow along with all CSID news on Twitter, Facebook and LinkedIn.

By | January 12th, 2017|Company News|0 Comments

Resolutions for a More Secure 2017

CSIDLast year is in our rearview mirror, and we’re moving full steam ahead into 2017. It’s around this time that people start focusing on their New Year’s resolutions. One resolution that should be on everyone’s list: improving personal online security. With the right resolutions, you can help minimize the risk of your information being compromised online.

Resolve to Use Strong Passwords and Update them Regularly
A quick look at the most common passwords from 2015 reveals a list that lacks complexity. The two most common are “123456” and “password,” with other easy-to-guess passwords like “football” and “abc123” high up on the list.

Yes, these passwords are easy to remember, but that also means they are easy to guess. Make a promise to yourself in 2017 that you won’t use your name (or a family member’s name, including pets) or birthday (or a family member’s birthday) in your passwords. Use long, strong, unique passwords with a mix of numbers, letters, and special characters. A technique that could help if you can’t think of anything is to start at a key on your keyboard and draw the shape of a letter. For instance, beginning at the “X” key, your password could be XdR5TgY&UjM, which makes the shape of the letter “M.” The end result is a password that’s difficult to crack but easy to remember.

Creating a strong password is the first step. To take your security even further, keep that password updated regularly – that means changing it every three to six months. Additionally, don’t reuse passwords across multiple apps and sites. Together, these steps will reduce the risk of your information being accessed.

Resolve to Think Before Clicking
Have you ever received an email or a link from a company or a person you knew, but something just seemed a little bit off? Maybe a word was misspelled, or the language just didn’t sound like it normally does. It’s possible the email was a phishing scam. Before you click on something that looks suspect, visit the sender’s website directly or give their customer service a call. And if the link was sent from a friend or colleague, pick up the phone and confirm they actually sent it themselves.

Resolve to Be More Proactive – And Make Your Devices Act Accordingly
Enabling two-factor authentication or setting up monitoring services can further bolster your protection. It’s always a good idea to keep an eye on your credit card and bank statements. If there’s a charge that looks unfamiliar, contact your credit card company or bank. Many credit card issuers give users the option of opting in to alerts if something seems out of the ordinary. It’s very easy to set these alerts up, and they’re incredibly helpful in keeping an eye on your data and sensitive information.

With these resolutions, you’ll be doing your part to make this year more secure. Another great resolution is to educate others: help a family member set up monitoring services, or encourage a friend to update their passwords. Together, we can help minimize the risk of cyber attacks.

Do you have any other cybersecurity resolutions for 2017? Share your tips with us on LinkedIn, Facebook and Twitter.

By | January 6th, 2017|Online Safety|0 Comments

2017: The Evolution of the Password, IoT Threats and Other Predictions

CSIDFor both consumers and businesses, 2016 was a big year for cybersecurity. As we predicted at the beginning of the year, large-scale breaches continued to dominate the headlines and the Internet of Things (IoT) became a growing source of security concerns. But as the year comes to a close, it’s time to look to the future. Here are the trends we predict will shape the cybersecurity industry during the year ahead:

Consumer Password Practices: Same Problems, New Solutions
Poor password use continues to plague consumers, leaving them vulnerable to attack. With the volume of breaches increasing, it will be more important than ever for consumers to use long, strong and unique passwords across accounts. If any of your passwords made it on to last year’s list of “Worst Passwords,” you should take care to update now. Consumer adoption of biometric authentication will also increase, not only across traditional financial accounts, but other apps as well, as we saw with Google’s Trust API earlier this year.

IoT Threats Will Begin To Take Shape
IoT threats, once somewhat abstract, will start to become very real as more devices are connected and as consumers and businesses start to participate in the resulting connected ecosystems. Recent DDoS attacks in 2016 showed us that the IoT is, and will continue to be, a valuable tool and target for cyber criminals. The security industry, businesses and consumers will need to come to together to tackle IoT security – from education to product development.

BYOD Brings News Era of Workplace Threats
With evolving workplace cultures – including a rise in work from home and bring your own device (BYOD) policies – we’ll start to see a new era of threats facing businesses. Companies will need to prioritize building a BYOD policy in partnership with IT, risk management, and legal counsel. They’ll also need to educate employees on security best practices, like creating strong passwords and updating the software on their devices, to ensure all employees understand their role in protecting the business.

Hollywoodization of the Hacker Brings Mainstream Awareness
With shows like Mr. Robot gaining mainstream, loyal followings, we’ll see a new level of fascination with hacker culture and cybersecurity, especially from younger individuals, who are more digitally connected than any previous generation. Consumer interest in cybersecurity, along with attacks in the headlines, will drive popularity of these shows and start to blend entertainment with education.

Ransomware Will Threaten Hospitals And Other Enterprises
Hospitals and other healthcare organizations will be among the most vulnerable for attack, as moves to digital – including the shift to electronic health records (EHR) and launch of mobile applications – will introduce valuable targets for cyber criminals.

Have your own 2017 security predictions to share? Weigh in with us on FacebookTwitter and LinkedIn.

By | December 27th, 2016|Online Safety|0 Comments

How Consumers Can Respond to the Yahoo Breach

CSIDYahoo recently disclosed that it has discovered a breach of more than one billion user accounts that occurred in August 2013. This is believed to be a separate attack from the breach Yahoo reported in September.

Bob Lord, chief information security officer at Yahoo, said the stolen user account information may include names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers. Whether or not you have a Yahoo account, this is a great reminder to make sure you’re following best practices when it comes to your online security.

Create Strong Passwords
Take a look at the most common passwords from last year and it’s a canvas of simplicity. “123456” and “password” are the two most common, with other easy-to-guess passwords like “football” and “abc123” high up on the list.

While these are easy to remember, they’re also quite easy to guess. Refrain from using your name, birthday, or pet’s name in your passwords; instead, use long, strong, unique passwords with a mix of numbers, letters, and special characters. Don’t reuse passwords across multiple apps and sites and also be sure to update your passwords regularly – it’ll help further protect your information from being accessed.

Stay Updated
When your computer or an app asks if you’d like to update to the latest version, do you typically ignore it, or click “Remind Me Later?” Get out of that habit – those updates are there for a reason. Developers are constantly fixing bugs and adding security adjustments and patches to make your devices safer.

Keep an Eye out for Phishing Scams
Phishing scams often come in the form of a fraudulent email message. Though they can occur at any time, they’re even more prevalent during the holidays, with cyber criminals sending what appears to be a legitimate offer. Avoid clicking on links or downloading attachments from suspicious emails, especially if you don’t know the sender. Be wary of emails that ask for personal information or refer you to a website to input your information, even if it appears to come from a retailer you do business with. The best way to confirm if the retailer really sent the email, is to call the legitimate entity directly to confirm the email is legitimate.

Monitor Your Payments
Keep records of online transactions and monitor bank and credit card statements to ensure there aren’t any fraudulent charges. Contact your bank or credit card company immediately to report suspicious activity or charges – even small ones. Oftentimes, cyber criminals test small amounts to ensure the account is active. Take the time to set up monitoring services to help you keep an eye on all your financial accounts.

This latest breach is another reminder that no company is safe from cyber attack. However, by taking a proactive approach to online security, you’re doing your part in safeguarding your information and minimizing your vulnerability to attack.

Do you have any other best practices for ensuring online security? Share your tips with us on LinkedIn, Facebook and Twitter.

By | December 16th, 2016|Industry News|0 Comments

Safe Shopping Tips During the Holidays

CSIDThe holiday season is a whirlwind of wintry weather, family and friends, and shopping – a lot of shopping. The National Retail Federation predicts retail sales in November and December will increase 3.6 percent, reaching $655.8 billion. Online shopping is expected to increase between seven and ten percent from last year to a staggering $117 billion.

Whether you’re battling the crowds or shopping from your smartphone, it’s important to protect your information.

When Shopping In Stores:

  • Before you leave for an afternoon of shopping, edit the contents of your purse and wallet. Only carry the cards and information you absolutely need. Not writing checks? Leave your checkbook at home. It’s important to note that you should avoid carrying your Social Security number with you year-round.
  • Protect your PIN when shopping by keeping a watchful eye on other shoppers, and covering the key pad.
  • Be aware of the information being collected (email, address, zip code, etc.) by retailers. Only share what is required, and feel comfortable asking how your information will be stored and used during future purchases.
  • Avoid sharing and accessing sensitive information over public Wi-Fi, including banking apps, social media, and online shopping. If there is no secured Wi-Fi network available, consider using a Virtual Private Network (VPN) while you shop.
  • Stay alert to your surroundings, and keep a close eye on your belongings. Never leave your purse and wallet in a car unattended.

When Shopping Online:

  • Be familiar with your merchant and ensure you’re using reputable online sites. First and foremost, always look for the HTTPS and green padlock icon in the address bar. You should avoid entering your credit card number or financial information if you don’t see this.
  • Create unique, cryptic passwords for each online customer account. Avoid using the same password across multiple websites and apps.
  • Take the time to logout of all online shopping accounts when your transaction is complete.
  • Make sure your devices are up-to-date, and that the latest security software and operating systems are being used for your phones, tablets, and computers.
  • Keep an eye out for phishing scams, as these fraudulent email messages are intended to look like legitimate offers during the holiday season. Never click on links in emails from unknown senders, and be wary of “too good to be true” deals. When in doubt, visit the retailer’s website directly or call their customer service to ensure the deal or email is legitimate.

Whether you are shopping at home or in-person, it’s important to keep track of your payments. Save records of your online purchases and check your bank account daily during this high-activity time. If you notice an unauthorized purchase, contact your bank or credit card company immediately.

We hope your holiday shopping is a breeze this season! What are your safe shopping tips? Share your advice with us on LinkedIn, Facebook and Twitter.

By | December 9th, 2016|Identity Protection, Online Safety|0 Comments

Virtual Reality: Real-World Security Concerns

CSIDRecent advancements in virtual reality (VR) have ushered in one of the most exciting times in technology, with consumers and businesses alike realizing VR’s potential for transforming and enhancing experiences. VR has proven to be so much more than a vehicle for gaming. We’re still in the early stages of understanding the full implications of VR, but exciting progress has already been made in verticals spanning from entertainment to education, and even the medical field. Early studies have shown it has helped paraplegics regain body functions, treat PTSD and anxiety attacks, test car safety, and so much more.

With VR picking up steam and quickly making its way from research labs to consumers’ living rooms, it’s more important than ever for consumers to be aware of the unique threats that may be associated with VR.

Physical Risk: Blended Realities
Virtual reality simulated experiences can create a degree of realism that may cause a user to become so deeply immersed in that experience that they become less aware of their surroundings. The nature of current VR headsets is such that users cannot see anything around them. VR experiences that require movement – like simulating the motion of swinging a tennis racket for example – could cause danger or harm to the user if they are not in an open space, clear of other individuals or structures.

Digital Risks: Privacy and Identity Theft
Like any technology that collects user information, including payment, account, and personal details, VR will continue to be a valuable target for cyber criminals. Pressures to bring the technology to market quickly may also cause developers to overlook critical security and privacy considerations. Other security risks may emerge when the devices are in use, as users may unknowingly express information related to their location or identity which may be recorded by a third party and used for marketing or if it falls into the wrong hands, identity theft.

Many predict that hackers will use tried and true hacks in new ways, leveraging VR to have users, “unwittingly deploy a Trojan” or “leak their password with just a wave of a hand,” for example. Phishing could also be executed via “fake virtual objects,” a duping method believed to already be in use by hackers.

Securing VR will take collaboration from the public and private sectors and a commitment from technology developers to create more secure devices. However, users should be aware of their own responsibility in protecting themselves. Be careful to use long, strong and unique passwords for VR-associated accounts, vet third party vendors, and ensure all of your devices have the latest software.

Have other VR security considerations to share? Weigh in with us on Facebook, Twitter and LinkedIn.

By | December 1st, 2016|Industry News|0 Comments

Educating Family on Security Best Practices

CSIDThe winter holiday season is a special time of year. We see more festive lights, hear more cheerful music, and spend more time with family.

Unfortunately, it’s also one of the most lucrative seasons for cybercriminals. Forty-percent of all yearly cybercrime occurs during October, November, and December. While you may consider yourself cyber-aware, others in your family may not be. Here are a few things to look for during this holiday season, and how you can educate your family around staying secure:

Be Wary of Downloads
While many advertisements this holiday season are perfectly legitimate, there are also malware-infected advertisements designed to bring harm to your computer. Make sure you know exactly what you’re getting when you’re downloading a product, and only click on links from websites you trust. Teach your family members to do the same. Clicking on a malware-infected ad could not only bring up inappropriate images or videos, but could also install a virus or spyware on your computer, allowing a cybercriminal to access your files or personal information. Encourage children to ask before downloading anything from the Internet and help oversee their activity to prevent potential damage.

Be Proactive
Some of your relatives might not realize that two-factor authentication (2FA) exists, or how to set up monitoring services. These are layers of security that aren’t difficult to set up, and your family members will feel safer knowing they are taking additional steps to help secure their personal information and online accounts.

Additionally, most people tend to shop more around the holidays, which give scammers a better chance to steal their information. Keep a close eye on your billing statements. If you do not recognize a charge, report the suspicious activity to your bank or credit card issuer immediately. Talk to your relatives about setting up credit card alerts. Most credit card companies can give daily, weekly, or monthly updates on account balance, or can send a text message for transactions over a certain, pre-determined amount.

When in Doubt, Ask
During the holiday season, it’s no surprise to see a company offering a deal on their products or services. You probably have a family member that considers himself or herself a real bargain hunter, and perhaps they even take pride in seeing how much they can discount their purchase. This holiday season, tell them to take a moment to consider the deal – if it’s too good to be true, it probably is. If they receive an offer through email or find one on a site they don’t normally visit, a quick search online, even just the retailer’s name plus “scam,” is a good way to ensure validity.

Another imposter scam typically targets the elderly, but can affect anyone. A scammer will claim to be a grandchild or another family member who needs money to get out of an accident or another fabricated incident. Tell your grandparents, aunts, and uncles to be on the lookout for this kind of scam – and to contact the supposed person directly. They could also check in with someone who knows the person, and they should never send money unless they’re positive the person calling is indeed who they say they are.

Do you have any other advice for the holidays? Has one of your relatives fallen for a scam before? Join the conversation on FacebookTwitter or LinkedIn.

By | November 22nd, 2016|Online Safety|0 Comments

How the Election May Affect Cybersecurity for Consumers

CSIDRegardless of where you stand politically, one thing we can all agree on is that the topic of cybersecurity took a prominent role in this year’s presidential elections – from concerns around hacks at polling sites to alleged cyber-attacks against the candidates themselves. Now that the election period has come to a close, the outcome will undoubtedly have implications for consumers, as several cybersecurity policies and practices come under discussion and key legislative decisions are made.

In 2016, we saw key moves from the White House, including the introduction of the Cybersecurity National Action Plan (CNAP), a plan seven years in the making which takes near-term actions and puts in place a long-term strategy to enhance cybersecurity awareness and protections, and empower Americans to take better control of their digital security. As cybersecurity continues to garner growing national attention, we can expect it to remain a popular topic of conversation and influence decisions being made in 2017 and beyond.

We’re still in the early stages of learning about President-elect Trump’s plans for cybersecurity beyond the vision expressed on his campaign website, which includes the establishment of a Cyber Review Team and Joint Task Forces. Trump’s 100 Day Action Plan, the roadmap of priorities for his incoming administration, also promises to work with Congress to establish a “Restoring National Security Act,” a provision of which would go towards protecting the country’s infrastructure from cyber attacks. Trump has also promised a federal hiring freeze and a new requirement that two federal regulations be eliminated for every new regulation. If enacted, both of these policies could potentially impact existing cybersecurity regulations like the CNAP.

On the financial side, consumers could also be impacted by his promised reforms to the Dodd-Frank Act. Part of that act established the Consumer Financial Protection Bureau, a government organization that educates consumers on financial risks including identity theft and fraud.

As we learn more, it’s imperative that consumers understand the role they play in staying secure, regardless of policy decisions made at the state and federal levels. It’s the responsibility of all consumers and businesses nationwide to keep cybersecurity top-of-mind and take the necessary proactive steps to help safeguard their personal information. Here are some steps you can take – in five minutes or less – to up your personal security:

  • Turn on two-factor authentication (2FA) on your online email and financial accounts: By making the login process harder and more complex through incorporating this additional step, 2FA provides an extra layer of security for you against attackers.
  • Create long, strong and unique passwords: Take a few minutes to ensure all of your passwords include a long and cryptic combination of upper and lowercase letters, numbers, and special characters. Also avoid using easy-to-guess passwords, like your name, birthday, or pet’s name, and be sure to use unique passwords across accounts.
  • Opt-in to automatic updates: Software updates almost always address security vulnerabilities. Keeping your system updated with the latest software means you have the latest patches to defend against threats.
  • Check your privacy settings on social: Social platforms are constantly updating their security and privacy policies, with new features like 2FA that can help keep your information secure. Stay up to date with these policies to make sure you’re taking advantage of all security features.

Have more tips to share? Weigh in with us on Facebook, Twitter and LinkedIn.

By | November 16th, 2016|Industry News|0 Comments

The Hollywoodization of the Hacker: Lessons From Mr. Robot

CSIDCurrent shows like Silicon Valley and Mr. Robot and movies like Blackhat have brought hackers into the ranks of pop culture’s most popular protagonists. Until recently, hackers in movies have largely been represented as zany sidekicks or mysterious recluses. But now hackers, and especially vigilante white-hat hackers, are being portrayed like real life, albeit unlikely, superheroes. With audiences so invested in their digital lives, it is easy to see why this shift has occurred. Especially among the younger crowd, who are more digitally active than any previous generation, it makes sense that those with the ability to directly impact digital spaces have become the subject of fascination. TechCrunch argues that these stories have also become popular because viewers are more educated and curious about cybersecurity: “They are finally starting to understand that cyberattacks are real threats and that cybersecurity matters.”

Mr. Robot has been a particularly good example of this change in how Hollywood writers represent hackers. It’s unlike many of the movies and television shows that came before it because of its realism. The main character, Elliot, is a cyber security professional by day and vigilante hacker by night. He exploits his targets using the same methods we’re seeing today, like DDoS attacks, tapping into unsecured Wi-Fi networks, and social engineering where hackers trick victims into sharing their personal information. Elliot joins a group of vigilante hackers called “fsociety,” many of whom are in their early to mid-20s. fsociety’s age range matches the real life trend of hackers getting younger and younger, especially as executing attacks no longer requires years of experience or an advanced technical background. Our CIO, Adam Tyler, will be speaking more on that topic at SXSW this year.

To mitigate the risk and consequences of attacks like those seen in Mr. Robot, here are some of the security measures you can implement:

  • Use strong passwords. Hackers can crack a weak password in minutes. Strong passwords are at least 12 characters long, are comprised of a cryptic combination of letters and numbers, and do not include any words found in a common dictionary.
  • Avoid unsecured Wi-Fi networks. Unsecured Wi-Fi connections, like those in airports and coffee shops, leave users wide open to a variety of man-in-the middle Hackers can capture Internet history tracking data, insert themselves into communications between systems and people, and track keystrokes. This is why users should avoid unsecured Wi-Fi wherever possible. Some great alternatives for connecting to the Internet on the go are secured personal hotspots, or a Virtual Private Network (VPN).
  • Practice good social media habits. Even seemingly innocuous information found on social networking sites, like your pet’s name or high school mascot, can be used by criminals to gain access into your accounts, as these often serve as the answers to popular password-reset questions. Check your privacy settings to make sure you’re not over-sharing information on social media.

Do you watch Mr. Robot or any other show featuring hackers? Tell us your thoughts over on Twitter, Facebook, and LinkedIn.

 

By | November 10th, 2016|Online Safety|0 Comments

A Recap of NCSAM 2016

CSIDEach October, we band together with other businesses, nonprofits, and agencies to observe National Cyber Security Awareness Month. Now in its 13th year, NCSAM is a collaborative effort between the U.S. Department of Homeland Security and the National Cyber Security Alliance to educate consumers, corporations, and institutions about cybersecurity awareness.

The past four weeks we have been sharing our tips and insights in weekly themed #ChatSTC Twitter chats, hosted by our friends at STOP. THINK. CONNECT. Below, learn more about the topics we explored and key takeaways on important issues discussed.

Every Day Steps Towards Online Safety:
Creating new cybersecurity habits does not need to be daunting. There are simple steps and easily adoptable actions that can help keep your private information safe online.

  • We recommend getting started by creating a conversation at home. Late last year, it was reported that teens spend nearly nine hours every day in front of some form of media channel. Talk to your children and your partner about the types of information that should remain private and the importance of safeguarding this information.
  • Create strong, cryptic passwords that are a complex combination of letters, numbers, and special characters. Take care to avoid your name, birthday, or pet’s name, and don’t reuse passwords across multiple sites and apps. We also recommend using two-factor authentication whenever possible.
  • Check your privacy settings on your devices and apps. Certain apps may have default settings that may share your sensitive information. Disable or permanently delete programs and apps you no longer use.

Cyber from the Break Room to the Board Room:
Businesses of all sizes need to implement cybersecurity practices and understand the threats facing their organization, like phishing scams and malware. Every person in an organization plays a role in keeping a business secure and creating a culture of security.

Our Continuously Connected Lives:
Lastly, we explored the Internet of Things. According to Cisco, there are already 10 billion things that can connect to the Internet. This number is expected to grow substantially within the next few years. Cisco predicts that by 2020, the number of devices connected to the Internet will exceed 50 billion. However, the cybersecurity standards within these devices remains somewhat unchartered territory.

  • Whether a wearable, smart fridge, or connected car, it is important for users to understand what data is being collected and stored.
  • Always password protect new devices and use biometric authentication whenever possible.

You can learn more about all of these topics in our Firewall Chats podcast series, and by searching the hashtag #ChatSTC on Twitter. CSID is proud to be a champion of National Cyber Security Awareness Month. Let us know your top cybersecurity tips on FacebookTwitter or LinkedIn.

By | November 4th, 2016|Industry News|0 Comments
Load More Posts