I recently went At the GGI Nordic-Baltic Meeting In Helsinki, where I spoke on the topic Shaping a Safer Cyberspace. When I mentioned that I was going to talk about cybersecurity, I initially got a lot of surprised looks – as if it wasn't my field. But that confirmed to me that I was on the right track, because cyber hygiene shouldn't be just the preserve of IT professionals. It's a topic that everyone should know about and that everyone can share something about.
Cybercrime has changed significantly in recent years. While it used to seem like Estonians were protected by their small and special language and we had almost no phishing emails in proper Estonian, now the picture is different. Big language models have made our language accessible to criminals, and this means that even our small, safe language no longer protects us.
We share stories
As an entrepreneur, it is crucial for me to understand how cybercriminals operate. Only then can we reduce the risks or avoid them altogether. Cybersecurity is not just about firewalls and complex passwords – it is above all about human awareness.
Most cyber incidents start with human error or ignorance. The victim can be an employee, manager or owner, or an external partner with access to the company's systems. Therefore, sharing stories and experiences is one of the most effective ways to learn from each other and put the brakes on the plans of criminals.
Who are the targets?
Forget the outdated notion that only tech-savvy grandmothers fall victim to cyber fraud. Today's target groups are much more strategically chosen, including:
- business leaders,
- financial managers,
- accountants and
- companies providing accounting services.
These are people and organizations that have access to major financial assets and valuable data, the latter for which it is possible to demand a hefty ransom.
How to raise cyber awareness?
If your field of activity is not exactly IT services, start with your IT partner. Together, it is worth reviewing the company's processes, looking for weaknesses, and doing this regularly.
- Continuously train your employees so they can use equipment and software safely.
- Review your systems and add an extra layer of security if necessary. Sometimes multi-level login is enough, and sometimes just adding one additional acceptor is enough.
- Understand that there is no 100% protection – but by acting consciously and having insurance coverage, the risks can be significantly reduced.
If an attack does occur, the most important thing is to respond quickly. Immediately notify the person responsible in your company and take immediate action to minimize the damage.
Be brave and share your story.
Cybercriminals hope that victims will remain silent. When we speak out about our experiences, we help break the pattern of criminals and give others a chance to learn.
Reminder
The most important basics that anyone can follow:
- Do not enter PIN codes. or passwords unless you initiated the action yourself – even if the caller claims to be from the police, tax office, or bank.
- Use unique and strong passwords and, if necessary, a password manager.
- Turn on two-factor authentication (2FA) on all important accounts.
- Keep yours operating system and software up to date, make regular updates.
- Use reliable antivirus and firewall.
- Do not open unknown emails, links, or attachments - always check the sender.
- Use only secure Wi-Fi network and avoid performing sensitive actions in public places.
- Always lock your computer when you leave your desk.
- Do it regularly. backups important files.
- Do not download software from unknown sources.
- Regularly check who has access to your accounts and devices.
- 👉 Most importantly: be observant and skeptical - if something seems suspicious, it probably is.
👉 The cyber environment will only become safer if each of us contributes. Cybersecurity is not a separate project - it is part of everyday work and responsibility.
Be mindful, protect yourself and your data – and help others do the same.