Do you really need a Hallmark Holiday to remind you to be savvier with your personal information and more careful in your conduct online? Of course, you do not! Moreover, why would you alter your behaviour in this regard just for a week? As this year\u2019s National Consumer Protection Week begins, we find ourselves as citizens at a crossroads. Use this week as the catalyst for long-term change in our behaviour towards digital data, systems and cybercrime, or acknowledge it for a few days or hours and slip back into bad habits almost immediately.\u00a0 Consumers are more protected and empowered by law in the digital age, yet we don\u2019t do more to use of the protections afforded to us legally. We do it with regards to our physical safety and security, yet digital personal protection is not always considered to be equally important. We\u2019ve seen a surge in phishing attacks on consumers as cybercriminals step up their efforts to harvest valuable login credentials and personal information that can be used for identity theft.\u00a0 We\u2019ve seen ransomware rise, as trusting consumes find themselves \u2013 and their computers \u2013 duped into downloading and executing code that demands money with menaces for the return of the user\u2019s operating system and data. Even if you pay, your sensitive information will still be harvested, even if the criminal does release the machine. We\u2019ve also seen major organisations suffer data breaches that have compromised personal financial and identity information. High-profile retailers, airlines, hotels, banks and online services have been affected by breaches in the last 12 months.\u00a0 There\u2019s a global cybersecurity skills shortage of nearly three million functions that need to be filled. That means that users can\u2019t just blindly assume that the world around them is completely secure. Sadly, it simply isn\u2019t and won\u2019t be any time soon. More power to consumers! It\u2019s not all bad though. We\u2019ve also seen an enormous increase in the power that consumers have available to protect, defend and define how and where their personal information is used, stored and shared.\u00a0 Legislation such as the EU\u2019s General Data Protection Regulation (GDPR), the NIS Directive, the California Consumer Privacy Act, and the Philippines Data Privacy Act of 2012 are just a few of the more notable examples of law changes that have put power over consumer information back in the hands of the individual, while commanding public and private bodies to deliver a far higher standard of conduct. Firstly, as a society we need to take our consumer rights more seriously with regard to our digital footprint, our digital data and our online relationships with sites and services. The consumer power that legislation such as GDPR has clarified, such as the right to be forgotten and expectations for data protection and incident disclosure, need to be used when appropriate. This is to keep sensitive information out of the reach of those who shouldn\u2019t have it, as well as keep organisations honest. You wouldn\u2019t leave your car sitting outside your house overnight, unlocked, with the keys in the ignition, would you? If you have weak passwords, the same password across everything you use, or your passwords written down in easy view of other people, then you are basically doing the same thing digitally as inviting someone to steal your car.\u00a0 Sort out your personal digital security. Change those passwords, don\u2019t use the same password on two different logins (let alone across 50). Use a password logger tool to help you keep track of your more complex password history, as well as monitor to see whether your usernames and passwords turn up on any known lists of stolen or leaked information. Finally \u2013 preach what you practice. Push your family, your friends and your colleagues to be smarter, safer and more secure online. But do it all the time \u2013 not just for one week a year! As director of cybersecurity advocacy for (ISC)2 in EMEA, Mary-Jo de Leeuw works to encourage corporations, governments, academia and others to collaborate on strong cybersecurity policies, legislation and education.