Zen of Cybersecurity: Applying Mindfulness to Staying Safe Online
On day 32 of my self-isolation –that seems so long ago now–I was on a Zoom call with my friend who has two children, two cats and a husband who, like her, is now working from home. As we were discussing how we were adjusting to having our beloveds around 24/7, she shared how she was in the room known as the gray cat’s room. She told me that the room also doubled as their guest room. During the conversation, my friend said something that reminded me of why she was one of my favourite people in the world. She said, “I’m upstairs in the gray cat’s room because we need to spend some time together. Gray and I need some just us time.”
Although the whole family was home working, playing and watching Netflix, Gray was missing the postwork and post-school cuddles.
As I mentioned, my friend has two cats. There is an orange cat, which stays downstairs, showing no interest in Gray’s room until COVID-19. Since the world has gone into isolation, the orange cat has been trying to venture more into Gray’s room. Orange was taking advantage of the family’s complacency in seeing him slip into Gray’s space that they no longer stopped him.
I imagine the door must be open more now than when the family had four busy schedules.
As my friend was telling me her story, I couldn’t help but see the story as a perfect analogy on how, at times, that is how society is treating cybersecurity while people work remotely.
Why is Gray receiving less attention from the family even though everyone’s home? Why is Orange violating Gray’s privacy? In this analogy, Gray is cybersecurity and Orange is an opportunity-seeking hacker.
Instead of coming home and intentionally spending time with Gray, they see the cat all day long, and well, a month later, the attention has just weened. It’s what happens when we get used to something, and we start to take it for granted. That’s when hackers attack—when you are no longer putting attention on cybersecurity as you work, play, learn, teach, socialize and create online.
Psychologically there’s going to be times when you are on autopilot in front of your screen. We can quickly stop paying attention to the little details on our screens like changes in URLs, email addresses and pop-ups that say, “just click here” and do not have a small “X” to close the box.
To handle the increased risk we’re seeing in 2020, I’m going to suggest we take some advice from the European Union Agency for Cybersecurity (ENISA) and teachings on mindfulness. Let’s take a calm and peaceful approach to keep ourselves and families cyber safe.
Here are the Top 5 connections I’ve identified between ENISA’s teleworking recommendations and Buddha’s teachings on mindfulness.
1. Dharma is not in the past; it’s not the future; it’s in the present.
ENISA Advice: Use corporate (rather than personal) computers where possible. As much as possible, do not mix work and leisure activities on the same device and be particularly careful with any emails referencing the coronavirus.
Translation: If you look at Dharma as being in the teachings, then the chance to learn is always present. And this first teaching is that you should use different devices for work and play. If possible, always keep your work computer separate from any social activities online.
2. Dharma is truth for the moment.
ENISA Advice: Connect to the internet via secure networks; avoid open/free networks. Most WiFi systems at home these days are correctly secured, but some older installations might not be.
Translation: The truth is your system is always changing. If it has been a while since you had your home WiFi system checked out, now is a good time to do it. Check the settings on all home devices and the modem. Run weekly security scans on your devices. What is true today may not be true tomorrow.
3. If anything is worth doing, do it with all your heart.
ENISA Advice: Avoid the exchange of sensitive corporate information (e.g. via email) through possibly insecure connections.
Translation: How nice is it to do your work in your PJs? However, be careful your casualness doesn’t flow over to how you care for your hard work. Your job is precious and hackers know that. I would like you to think of hackers like COVID-19. They are silent and deadly; deadly because they are killing businesses and destroying lives.
4. No one saves us but ourselves. No one can, and no one may. We ourselves must walk the path.
ENISA Advice: As much as possible, use corporate intranet resources to share working files. This ensures that working files are up to date and, at the same time, that the sharing of sensitive information across local devices is avoided.
Translation: You can care for your privacy without being afraid. Cybersecurity is just about being mindful of how you save, send and share information.
5. If we fail to look after others when they need help, who will look after us?
ENISA Advice: Do not share the virtual meeting URLs on social media or other public channels. (Unauthorized third parties could access private meetings in this way.)
Translation: Cybersecurity is about trust and trust comes from mindfulness. Awareness and appreciation for the spaces around ourselves have become a daily state of mind for all of us. Life and death have become a regular conversation in our homes and all forms of media. We know that this is an invisible virus that breaches our immune system and is a mystery to health professionals. That makes it important for us to remember how dangerous what we can’t see can be to our well-being.
Orange, like so many opportunists, is now starting to venture into areas that he shouldn’t. And that is why we need to be mindful when online, especially as we work from home. The more time we spend in cyberspace, the higher our risk, and if you are working from home, all the devices on your network become vulnerable.
If you would like more information on the recommendations for employers and staff from the European Union Agency For Cybersecurity check out their website.