The importance of cybersecurity awareness

Cybersecurity Awareness Month has been observed in October since 2004, when it was founded by the Department of Homeland Security and the National Cyber Security Alliance. NCSAM has been a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and ensure that all Americans have the resources they need to be safer and more secure online.  

According to the NCSA, “The line between our online and offline lives is indistinguishable. In these tech-fueled times, our homes, societal well-being, economic prosperity and nation’s security are impacted by the internet.”

As a part of their annual campaign, NCSA chooses a theme to help promote and highlight areas that organizations and individuals can focus on to help raise awareness. In the past, these themes have included “cybersecurity is a shared responsibility” or “cybersecurity in the workplace is everyone’s business.”

This year, the theme emphasizes personal accountability and stresses the importance of taking proactive steps to enhance cybersecurity at the home and in the workplace: “Own IT. Secure IT. Protect IT.”  

There’s a ton of information that any organization can use to raise awareness. Following is just a small sample prepared for National Cybersecurity Awareness Month by the NCSA:

Businesses face significant financial loss when a cyber attack occurs. In 2018, the U.S. business sector had the largest number of data breaches ever recorded: 571 breaches. Cybercriminals often rely on human error — employees failing to install software patches or clicking on malicious links — to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of everyone to keep data, customers and capital safe and secure. #BeCyberSmart to connect with confidence and support a culture of cybersecurity at your organization.

Five ways to be cyber secure at work

SIMPLE TIPS TO SECURE IT.

1. Treat business information as personal information. Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.
2. Technology has its limits. As “smart” or data-driven technology evolves, it is important to remember that security measures only work if used correctly by employees. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches.

• Be up to date. Keep your software updated to the latest version available. Maintain your security settings to keep your information safe by turning on automatic updates, so you don’t have to think about it, and set your security software to run regular scans.
• Social media is part of the fraud toolset. By searching Google and scanning your organization’s social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment or share PII on social media platforms.
• It only takes one time. Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links and delete suspicious messages immediately.

Visit www.niccs.us-cert.gov/national-cybersecurity-awareness-month-2019 for more information.