Cyber threats continue to rise. Advanced persistent threat (APT) actors launch sophisticated attacks that go undetected for months, perhaps years. The SolarWinds breach was just another example. That being said, we must remain vigilant and take steps to protect data and devices. At a minimum, everyone should:
1. Think differently about cyber security. Convenience should be the last/least consideration when addressing cyber security, especially when you consider that USA intelligence and other Federal agencies have been breached in the last ten (10) years.
2. Use a password manager. Your favorite browser includes a password manager. There are also password managers available at little or no cost that do not require a specific browser.
3. Choose a separate password for each service/URL. You only need to remember the one used for your password manager.
4. Choose strong and long passwords, a minimum of 12-18 characters long. Include special characters and/or use passphrases that have literally nothing to do with your life or your loved ones' lives. This includes pets! Examples of both are 9dm%WuKCzR*!La or DRaGTrEnch2FeeTF@r
5. Apply the principle of least privilege. Restrict access accordingly.
6. Change passwords regularly, at a frequency that reflects the data being protected. Frequent password changes are a useful security measure. Police departments have a color of the day (a password) to authenticate officers they may encounter in the field. However, most people and/or applications do not require daily password changes. That being said, I suggest people consider a frequency of 3-9 months to thwart APT actors.
7. Apply the latest security updates to the OS and applications.
8. Back up data, and test the backups, automatically and regularly. Multiple backups stored in different geographical locations are recommended.
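
One way to check a password manager's contents against items 3, 4 and 6 is a small audit script. The following is an added example, not part of the original list; the export format, the service names, the `audit_vault` function and the sample entries are constructed for illustration, and nine months is approximated as 270 days.

```python
from collections import defaultdict
from datetime import date

MIN_LENGTH = 12        # lower bound from item 4
MAX_AGE_DAYS = 270     # item 6's nine-month upper bound, approximated in days

# Constructed sample vault export: (service, password, last changed).
SAMPLE_VAULT = [
    ("mail.example", "9dm%WuKCzR*!La", date(2024, 5, 1)),
    ("forum.example", "9dm%WuKCzR*!La", date(2024, 3, 2)),
    ("bank.example", "DRaGTrEnch2FeeTF@r", date(2023, 1, 15)),
    ("shop.example", "sunshine1", date(2024, 4, 20)),
    ("games.example", "MyDogBiscuit2019!", date(2024, 2, 10)),
    ("vpn.example", "tRuMpet&Gravel7Lantern", date(2024, 4, 1)),
]


def audit_vault(entries, today, personal_terms=()):
    """Return {service: [findings]} for entries that break items 3, 4 or 6."""
    # Item 3: map each password to every service that uses it.
    services_by_password = defaultdict(list)
    for service, password, _ in entries:
        services_by_password[password].append(service)

    findings = defaultdict(list)
    for service, password, changed in entries:
        if len(password) < MIN_LENGTH:
            findings[service].append(f"shorter than {MIN_LENGTH} characters")
        # Item 4: nothing tied to you, your loved ones or your pets.
        for term in personal_terms:
            if term.lower() in password.lower():
                findings[service].append(f"contains personal term '{term}'")
        others = sorted(s for s in services_by_password[password] if s != service)
        if others:
            findings[service].append("reused on " + ", ".join(others))
        age = (today - changed).days
        if age > MAX_AGE_DAYS:
            findings[service].append(f"unchanged for {age} days")
    return dict(findings)  # findings never include the password itself


if __name__ == "__main__":
    report = audit_vault(SAMPLE_VAULT, date(2024, 6, 1), personal_terms=["biscuit"])
    for service, problems in report.items():
        print(f"{service}: {'; '.join(problems)}")
```

The two example passwords from item 4 appear in the sample data on purpose: a password that is strong on its own is still flagged once it is shared between services or left unchanged past the chosen interval.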