Use These Free CISA Resources to Emphasize Cybersecurity Awareness Month This October
For a little under two decades, October has been what’s known as Cybersecurity Awareness Month in the information security community. The month is an opportunity for organizations, regulatory bodies and government officials to raise awareness about the importance of cybersecurity – both in the workplace and in your employees’ personal lives.
While we all know that cybersecurity is important, it can be hard to raise awareness if you don’t have dedicated internal expertise, which we know many companies don’t. A report by Kaspersky, for example, found that just half (52%) of enterprises globally have dedicated cyber security departments – and many don’t even have a single security person.
In the absence of security professionals, many companies turn to providers like us to help with managed IT and security. When it comes to cyber security month, it’s also valuable to turn towards free online resources from reputable bodies, such as the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA).
Together, these bodies are responsible for championing cybersecurity awareness both nationally and internationally.
What is Cybersecurity Awareness Month and Why Should I Take Part?
Cybersecurity awareness month is an event that takes place annually, every October. The objective of the campaign is to improve people’s understanding of data security and cyber security threats to reduce the likelihood of successful cyber-attacks and data breaches.
If your organization has never taken part in cybersecurity awareness month, 2022 is the perfect time to start! Don’t worry if you’re not sure where to begin either. Below, we’ve put together a list of tips, tricks and topics that you can use to plan your internal campaign.
This Year’s Cybersecurity Awareness Month Theme: See Yourself in Cyber
This year’s campaign is titled: See Yourself in Cyber. The theme focuses on the human element of cybersecurity. While many people think security is a technical, complex discipline, a lot of data breaches and issues are actually the result of human error.
While this seems scary, it means that you and your employees only need to take some straightforward actions to improve your security resilience.
4 Things To Discuss This Cybersecurity Awareness Month
CISA and NCA’s resource gives you a starting point on which to base your wider internal campaign. As you’ll see in the bulletin, the bodies recommend focusing communications effort around four subjects:
Enable Multi-Factor Authentication: With credentials theft on the rise, passwords alone simply aren’t enough to secure your organization. So, raise awareness about multi-factor authentication this October, and ensure that your employees have enabled it.
Use Strong, Unique Passwords: To further enhance security, encourage your employees to use strong, unique passwords for each of their online accounts. If your people are concerned about having to remember random, complex passwords, why not deploy a password manager across your organization.
Recognize and Report Phishing: Phishing attacks are responsible for over 30% of data breaches. These attacks rely on human error. Malicious actors hope that employees will click on a fraudulent link or open a malicious attachment, without realizing the message they’ve received is a fake. Cybersecurity month is the perfect opportunity to give your employees a phishing training refresh and reinforce the importance of carefully checking emails before taking any action.
Update Your Software: Many successful cyber-attacks occur because employees have forgotten to update their software to the latest version. In fact, 57% of data breaches are attributed to poor patch management. This is because software updates don’t just feature bug fixes. They also contain critical security updates that protect employee devices and software from malicious exploitation. To that end, you should share information about the importance of updating software as part of your campaign.
How To Run A Great Cybersecurity Awareness Campaign
Cybersecurity awareness month is a great opportunity to unleash your creativity and engage your employees in unique and fun ways. We recommend using a mixture of:
- Posters and flyers
- Lunch and learn sessions
- Cybersecurity email bulletins
- Awareness training, like our computer training services
- Quizzes and games
You can choose any or all of the above. The main thing to remember is to try and make your campaign as interesting and engaging as possible. This is vital to driving meaningful, long-term cultural change.
Remember, Every Month Should Be Cybersecurity Awareness Month!
Finally, it’s important to remember that, while cybersecurity awareness month just runs through October, cybersecurity awareness should be an ongoing initiative that’s embedded into the values and culture of your organization.
Need Help With Improving Your Cybersecurity Posture or Running A Cybersecurity Awareness Month Campaign?
Ready to take your cybersecurity game to the next level? Contact the friendly team here at GEEK911. We can help you improve your security posture and enhance security awareness in your organization.
Call (866) 433-5411 today!