CyberSecurity FAQ - What is cyber hygiene?

Alternative FAQ Phrasings: What is a cyber hygiene? | What is cybersecurity hygiene? | What is cyber security hygiene?

Definition: cyber hygiene (a.k.a., cybersecurity hygiene, cyber security hygiene) is a colloquial term that refers to best practices and other activities that computer system administrators and users can undertake to improve their cybersecurity while engaging in common online activities, such as web browsing, emailing, texting, etc.

Etymology

The term cyber hygiene was coined by Vinton Cerf, an Internet pioneer, who used the expression in his statement to the United States Congress Joint Economic Committee on 23 February 2000, where boldface is added for emphasis:

It is my judgment that the Internet itself is for the most part secure, though there are steps we know can be take to improve security and resilience. Most of the vulnerabilities arise from those who use the Internet--companies, governments, academic institutions, and individuals alike--but who do not practice what I refer to as good cyber hygiene. They are not sufficiently sensitive to the need to protect the security of the Internet community of which they are a part. The openness of the Internet is both its blessing and its curse when it comes to security.

Cyber Hygiene Best Practices

Cyber hygiene related best practices for computer network/system administrators include, but are not limited to:

• ensuring that routers and firewalls are installed and properly configured;
• updating both “white lists" (authorized users) and "black lists" (unauthorized users), and enforcing compartmentalized ("need to know") user permissions for authorized users;
• ensuring that all anti-virus (AV), spamware, and other anti-malware protection software is properly installed and configured;
• updating all Operating System (OS), application software, web browsers and firmware with latest security patches;
• enforcing strong password rules and 2-Factor/Multi-Factor Authorization (2FA/MFA) procedures;
• ensuring that all computer networks are physically segmented with secure routers and active firewalls between segments;

Cyber hygiene related best practices for computer system users include, but are not limited to, using strong passwords and 2FA/MFA, avoiding accessing cybersecure systems on unauthorized and/or non-secure BYODs (Bring Your Own Devices), and avoiding mixing personal with cybersecure email and/or work documents.

For more information about Recommended Best Practices for Cyber Hygiene - Top 10, see the CyberSecurity FAQ - What are the best practices for cyber hygiene?.

If you have constructive recommendations to correct, clarify, or otherwise improve this or any other Cybersecurity FAQ, please contact us.

---

CYBER HYGIENE HANDS-ON TRAINING OPTIONS
If you seek professional cyber hygiene training that demystifies the technobabble of cybersecurity and emphasizes pragmatic best practices for protecting your sensitive "crown jewel" data, check out PivotPoint's Essential Cyber Hygiene Applied hands-on training workshops.