Since 2004, October has been recognised by the United States government as Cybersecurity Awareness Month (CAM). You can read the most recent presidential proclamation of CAM here.
For those of us whose roles require us to be aware of cybersecurity year-round, it may seem redundant to declare a special month devoted to the subject. However, CAM does present a great opportunity to engage users, improve overall cyber hygiene and boost awareness of how to consistently reduce cyber risks at all levels and across all systems — all year long.
Government and nonprofit resources
The United States Cybersecurity & Infrastructure Security Agency (CISA) and the nonprofit National Cybersecurity Alliance (NCA) offer plenty of resources and materials to help both individuals and organisations create engaging programmes to increase cybersecurity awareness.
This year’s theme: “See Yourself in Cyber”
Technical solutions to secure networks and data against cybercriminals grow more advanced and sophisticated every day (but also simpler and more intuitive to use — at least in Barracuda’s case). But the theme of this year’s CAM is intended as a reminder that at the end of the day, cybersecurity is all about individuals making smart choices, establishing good cyber hygiene habits and being aware of security concerns in every internet-enabled interaction.
“See Yourself in Cyber” is an encouragement to organisations of all kinds to launch broadly inclusive awareness programmes to help make everyone more aware of how to increase both their own personal cybersecurity and that of the organisations where they work.
Last but not least, it’s a recruitment slogan, encouraging engineers and business professionals of all kinds to consider careers in cybersecurity. It’s no secret that the entire industry is facing a shortage of qualified candidates. And even though every tech company makes this claim, cybersecurity really is an industry that works to make the world a better, safer place.
Concrete steps to take this month
CISA and NCA are using this month to highlights a few key actions that everyone should take, the sooner the better, to improve cybersecurity:
- Think Before You Click. Phishing attacks are absolutely ubiquitous — and they are getting slicker and more persuasive every day. Literally any time you receive an email, text message, social media message or any other communication that makes you feel strongly tempted to click or respond, just stop and think. Consider that it might be — let’s face it, probably is — a phishing attempt. Before taking a chance, verify the sender and find alternate means to connect with them. Learn to recognise the telltale signs of phishing and report them to your IT department. Organisations can dramatically reduce risk by implementing a strong security-awareness programme such as Barracuda Security Awareness Training.
- Update Your Software. Software vendors routinely issue patches and updates to eliminate vulnerabilities that criminals can exploit to penetrate your cyber defences. If you don’t act promptly to install them, you’re a sitting duck for every hacker out there. And if you’re using out-of-date or pirated software that is not supported with security updates, get rid of it immediately — that kind of thing makes you a dream victim for cyber crooks. Turn on automatic updates where available. Also, a strong cloud and application security solution like Barracuda Cloud Application Protection can help ensure many of your applications stay up-to-date.
- Use Strong Passwords. It’s astonishing how many individuals and organisations never bother to change the default passwords on their software and accounts. If your password is “password” or “1234,” you might as well be leaving your door wide open and sending out embossed invitations to cybercriminals. There are several simple ways to keep your passwords secure and otherwise strengthen your access controls. For individuals, using a secure password manager that randomly generates strong passwords and remembers them for you is an excellent idea. In addition, multifactor authentication (MFA) makes it a lot harder for criminals to access resources using stolen credentials. And for the highest available access security, a Zero Trust Access solution such as Barracuda CloudGen Access takes it to the next level.
Keeping up with cybersecurity trends
The threat landscape keeps evolving, and there are always new trends in cybersecurity that it’s important to inform yourself about.
Barracuda is extending the idea of Cybersecurity Awareness Month with a series of upcoming blog posts that explore seven key trends Gartner identified for 2022 that should be top-of-mind for anyone involved in combating cyber crime:
- Attack surface expansion
- Digital supply chain risk
- Identity threat detection and response
- Distributing decisions
- Beyond awareness
- Vendor consolidation
- Cybersecurity mesh