1. Keep your operating system up to date. When OS updates are released, they fix errors in the code that could let the bad guys in.
  2. Do the same for the application software you use. Web browsers, plug-ins, email clients, office software, antivirus/antimalware, and every other type of software has flaws. When those flaws are fixed, you are in a race to install that fix before someone uses the flaw against you. The vast majority of hacks leverage vulnerabilities that have a fix already available.
  3. Engage your brain. Think before you click. Think before you disclose personal information in a web form or over the phone.
  4. Think before you share on social media sites. Some of those fun-to-share-with-your-friends quizzes and games ask questions that have a disturbing similarity to “security questions” that can be used to recover your account. Do you want the answers to your security questions to be published to the world?
  5. Use a password manager and keep a strong, unique password for every site or service you use. That way a breach on one site won’t open you up to fraud at other sites.
  6. Back. It. Up. What do you do if you are hit with a ransomware attack? (Or a run-of-the-mill disk failure?) If you have a recent off-line backup, your data are safe, and you can recover without even thinking about paying a ransom.
  7. Full disk encryption is your friend. If your device is stolen, it will be a lot harder for a thief to access your data, which means you can sleep at night.
  8. Check all your accounts statements regularly. Paperless statements are convenient in the digital age. But it is easy to forget to check infrequently used accounts such as a health savings account. Make a recurring calendar reminder to check every account for activity that you don’t recognize.
  9. Manage those old-style paper statements. Don’t just throw them in the trash or the recycle bin. Shred them with a cross-cut shredder. Or burn them. Or do both. Data stolen from a dumpster are just as useful as data stolen from a website.