Having a strong cybersecurity posture involves analyzing what digital assets you want to protect, and from who. This list is partly what I believe should be common-sense to anyone that uses internet-connected devices, and also some more esoteric advice for people that like managing Linux systems.
- Use U2F everywhere.
- Use a password manager. I’d recommend LastPass or passwordstore.org.
- Setup monitoring and alerts for important accounts, such as bank accounts and social media.
- Buy yourself and loved ones YubiKeys. They’re a reliable U2F device.
- Find a security checklist for your phone, PC, and server OS and make sure you’re doing at least the bare minimum to protect your digital identity.
- Make sure your router/modem has updated software.
- Consider buying a Winston device.
For people that like managing Linux systems:
- Consider setting up PiHole at home.
- Install Qubes OS. Joanna Rutkowska, creator of QubesOS, and her team have an excellent explanation of what it is and why one might use QubesOS.
- See privacytools.io/operating-systems/
Check out my list of security news for examples of what can go wrong when the bad guys attack.
I make no claims about this list being complete, up-to-date, or useful. caveat emptor