It’s easier than you think for companies and business leaders to overlook cybersecurity. Unfortunately, the nature of the threat means some of the biggest worries for your organization might actually be out in plain sight. Here are five kinds of cybersecurity risks that are regularly overlooked.

Inconsistent or Nonspecific Cybersecurity

An obvious weakness in the cybersecurity strategy at your place of work is the people. More specifically, it’s how well and how consistently they’re trained on security essentials.

Everybody should be on the same page about the reality of the risks and how necessary a good human element is these days, even with all the anti-virus and anti-malware software available.

The understanding of what a phishing email looks like comes in handy just as much at home as it does in the office. It comes with an added bonus: Even though nobody likes extra meetings, 77 percent of surveyed employees stated that specific and consistent cybersecurity training helped them feel a greater sense of ownership over the company and its processes and assets.

Poor Password Hygiene

When it comes to office culture and cybersecurity, poor password hygiene is especially worrying. If one employee secures all their work accounts with the same password, that’s a lot of potential information that could go missing if somebody targets them for cybercrime.

The importance of good password hygiene isn’t as overlooked as it used to be, but some of the best solutions probably are. Investing in a password manager is always a good idea — and it’s something you can apply to office culture, too. Look for a password manager with cross-platform functionality if you need it, and search for multiuser plans to give everybody in the office the means to create and store their own strong passwords for everything they do at work.

Not Taking Updates Seriously

This list entry is another one that gets talked about all the time, yet is still regularly responsible for personal embarrassment, as well as wide-scale disasters like WannaCry and Petya. These cybersecurity incidents exploited out-of-date software. More specifically, they took advantage of a window of vulnerability between a Microsoft patch going live and that patch being applied widely.

The point is not that clicking refresh on software updates all day long will prevent every possible instance a cybercriminal could exploit a vulnerability or back door. Setting everything you can to auto-update at a convenient time, daily, does stand a chance of keeping you safer.

Unsecured Personal Devices

BYOD culture — or bring your own device — is a great thing for employees and employers alike. It lets employees perform their duties in a digital workspace they already know and feel comfortable in. On the employer side, the lack of a serious learning curve and the small bump in productivity are welcome.

What’s less welcome are the cybersecurity risks that BYOD culture brings. It’s possible to permit and even encourage your teams to work on their own laptops and tablets, but this shouldn’t be done without a comprehensive and robust BYOD policy drawn up by your IT team. At a minimum, you should require that users access on-premises internet connections using VPNs and that all accounts are equipped with two-factor authentication.

Mobile Malware and Ransomware

Malware has finally gone mobile. None of the modern mobile operating systems are exempt from risk, and there are multiple ways for malware to infect a device, including fake app downloads and Wi-Fi spoofing.

Ransomware is another threat to our personal and business cybersecurity. In one of the most famous cases, the U.K.’s National Health Service’s digital properties were held for ransom. Unbreakable protection is all but impossible, but ensuring your off-site and local data backups are always encrypted can give you some breathing room by keeping usable data out of would-be thieves’ hands.

Every day, it seems we hear about a new internet scam, from Nigerian princes requesting a wire transfer of $10,000 to online dating catfishing. As helpful as the internet can be, such stories are worrisome.

While the internet can sometimes seem like a jungle of a million different threats, you can take steps to protect yourself. Here are five easy, free and quick ways to safeguard yourself

Enable Two-Step Authentication

Also known as multi- or two-factor authentication or login approval – two-step verification provides an extra layer of security beyond your username and password to protect against account hijacking. When using this security mechanism, you will log in using your password and then be prompted verify your identity again. This second verification is usually done via a biometric (fingerprint or face scan), security keys or a unique one-time code through an app on your mobile device.

Many websites and companies offer two-step verification, and they make it easy to set up this second layer – usually found in the settings section of your account. Using two-step authentication can help you feel more secure, especially for sites containing your financial information.

Check a Site’s SSL Certificate

Whenever you’re shopping online and entering credit card or bank information, it’s important to make sure that website is secured to protect against hackers trying to steal your info. You can find out if a website is secure by checking its SSL (Secure Sockets Layer) certification. While this process sounds complicated, it’s actually one of the simplest and quickest things to do for your online security.

When on a website, check the URL. Does it start with “http://” or “https://”? If you notice an s at the end, that means your connection is encrypted and secure, so any data you enter is safely sent to the website. Not all sites have SSL certification. While they may be fine to browse, avoid sharing any financial or personal information on websites without this added layer of security.

Don’t Save Financial Information on Shopping Sites

Even sites with SSL certification can be hacked. While there may not be a way yet to completely safeguard your data from hackers if you shop online, you can secure your financial information better by removing it altogether from shopping sites.

Many shopping sites let you save your credit card information in your online account. This setup makes it easier to make purchases in the future, as your billing and shipping addresses and credit card information are stored. However, if you can access this information, so can hackers. Rather than store your credit cards and addresses in your accounts, spend the extra minute to enter your information each time you make a purchase.

Be Careful Who You Trust

Catfishing has made headlines quite a few times in the last few years, and this online scam doesn’t seem to be letting up anytime soon. Catfishing happens when a person sets up a fake online profile ­­­­­– usually on social media or dating sites ­– and targets people with the goal of asking for money.

Catfishers are in it for the long game and may try to strike up an online relationship for months before asking for money. The losses can be extreme, averaging more than $15,000 per victim. To avoid catfishing, don’t accept friend requests from people you don’t know and never send money to someone you haven’t met in person. If a situation ever feels fishy, trust your gut and cut off contact with that individual.

Create Strong, Unique Passwords

Using the same password for every account it is not a safe. Often, people don’t realize their account has been hacked.

Make your password a sentence: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!

Is a new car in your future? You might first have some unfinished business with your old one. While you’re cleaning out your personal items, think about the personal information stored in the car’s electronic system.

Your car is a computer that stores a lot of information about you — just like your smartphone or home computer. When you sell or donate your car, that personal data might be accessible to the next owner if you don’t take steps to remove it.

Some cars have a factory reset option that will return the settings and data to their original state. But even after a factory reset, you may still have work to do. For example, your old car may still be connected to subscription services like satellite radio, mobile wi-fi hotspots, and data services. You need to cancel these services or have them transferred to your new vehicle.

Here are types of data you want to remove from the electronic system before selling or donating your car:

• Phone contacts and an address book may have been downloaded when you synced your phone with your vehicle.
• Mobile apps’ log-in information, or data that’s gathered and stored on mobile apps, may be stored in the car.
• Digital content like music may be stored on a built-in hard drive.
• Location data like addresses or the routes you take to home, work, and favorite places may be stored in your navigation system.
• Garage door codes for your home or office may be on your system.

Besides the information stored on your vehicle, check to make sure you’ve cleared connections between your devices and the car as well. For example, car manufacturers may provide an app that lets you control the car’s functions or find the car — you should disconnect the app from the car when you sell it or trade it in.

For more information about resetting and removing your information, check your owner’s manual, contact your dealer, and visit your vehicle manufacturer’s website.

T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of "some" personal information of up to 2 million T-Mobile customers.

The leaked information includes customers' name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid).

However, the good news is that no financial information like credit card numbers, social security numbers, or passwords, were compromised in the security breach.

According to a brief blog post published by the company detailing the incident, its cybersecurity team detected and shut down an "unauthorized capture of some information" on Monday, August 20.

Although the company has not revealed how the hackers managed to hack into its servers neither it disclosed the exact number of customers affected by the data breach, a T-Mobile spokesperson told Motherboard that less than 3 percent of its 77 million customers were affected.

The spokesperson also said that unknown hackers part of "an international group" managed to access T-Mobile servers through an API that "didn’t contain any financial data or other very sensitive data," adding "We found it quickly and shut it down very fast."

T-Mobile said the company informed law enforcement about the security breach and is reaching out to its affected customers directly via SMS message, letter in the mail, or a phone call to notify them as well.

"We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access," T-Mobile said. "We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you."

While there are several tweaks and steps you can take to test and improve your internet connection speeds, one of the easiest and quickest ways to speed up your web browsing is modifying the Domain Name System (DNS) servers. Read on to learn how Cloudflare's new 1.1.1.1 public DNS server can speed up and secure your web browsing.

What is DNS and How Does it Work?

DNS is the Internet's master phone book. It turns human-readable domain names, such as nebulanewengland.com, into Internet Protocol (IP) addresses such as 198.49.23.144. For all practical purposes, every time you go anywhere on the internet, you start by interacting with DNS.

This takes time. A complex webpage can require multiple DNS lookups -- one for the text, another for an image, another for an ad on the page, and so on -- before your page loads. Each DNS lookup takes an average of 32 milliseconds (ms). That really slows down many websites. So, when you speed up your DNS lookups, you'll get faster internet performance.

While Cloudflare's 1.1.1.1 is fast, it's biggest improvements comes with protecting your privacy. When the Federal Communications Commission gutted net neutrality, it also opened the door for ISPs to track all your internet searches. ISPs can, and are, selling your browsing data.

How to Update Your DNS Settings

Router

If you're using a router for your office network DNS settings -- and you probably are -- log in and find your DNS server settings. Once there, note down your existing DNS records and replace them with the following:

• For IPv4: 1.1.1.1 and 1.0.0.1

That's it. The next time your computers look up a website, they'll use the 1.1.1.1 DNS services.

Windows

With Windows, click on the Start menu, then click on Control Panel, and do the following:

1. Click on Network and Internet.
2. Click on Change Adapter Settings.
3. Right click on the Wi-Fi network you are connected to, then click Properties.
4. Select Internet Protocol Version 4 (or Version 6 if desired).
5. Click Properties.
6. Write down any existing DNS server entries for future reference.
7. Click Use The Following DNS Server Addresses.
8. Replace those addresses with the 1.1.1.1 DNS addresses:

• For IPv4: 1.1.1.1 and 1.0.0.1
• For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001

MacOS

For macOS, open System Preferences, and then do the following:

1. Search for DNS Servers and select it from the dropdown.
2. Click the + button to add a DNS Server and enter 1.1.1.1
3. Click + again and enter 1.0.0.1
4. Click Ok, then click Apply.

iPhone

From your iPhone's home screen, open the Settings app.

1. Tap Wi-Fi, then tap your preferred network in the list.
2. Tap Configure DNS, then tap Manual.
3. If there are any existing entries, tap the - button, and Delete next to each one.
4. Tap the + Add Server button, then type 1.1.1.1
5. Tap the + Add Server button again, then type 1.0.0.1. This is for redundancy.
6. Tap the Save button on the top right.

Android

On Android, it's far harder to set up DNS than with other operating systems.

The easiest way, which works across most Android devices, is to install DNS Changer. This works by creating a local VPN work on your device. This VPN only exists within your device and your mobile or Wi-Fi connection. To use it, you place 1.1.1.1 and 1.0.0.1 in as your DNS entries.