As National Cybersecurity Month arrives, there is an even stronger focus on the cyber safety of consumers.
October marks the 15th National Cybersecurity Awareness Month (NCSAM) in the United States. Since its 2004 inception under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, NCSAM has grown exponentially, reaching consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation. 2018 marks the 15th year of National Cyber Security Awareness Month. NCSAM 2018 also marks the 8th anniversary of the STOP. THINK. CONNECT. campaign. Each year, NCSAM highlights the overall message of STOP. THINK. CONNECT. and the capstone concepts of the campaign, like “Keep a Clean Machine,” “Protect Your Personal Information,” “Connect with Care,” “Be Web Wise,” “Be a Good Online Citizen,” “Own Your Online Presence” and “Lock Down Your Login.”
Themes for Cybersecurity Month
Week 1: Oct. 1–5: Make Your Home a Haven for Online Safety
Every day, parents and caregivers teach kids basic safety practices ‒ like looking both ways before crossing the street and holding an adult’s hand in a crowded place. Easy-to-learn life lessons for online safety and privacy begin with parents leading the way. Learning good cybersecurity practices can also help set a strong foundation for a career in the industry. With family members using the internet to engage in social media, adjust the home thermostat or shop for the latest connected toy, it is vital to make certain that the entire household ‒ including children – learn to use the internet safely and responsibly and that networks and mobile devices are secure. Week 1 will underscore basic cybersecurity essentials the entire family can deploy to protect their homes against cyber threats.
Week 2: Oct. 8–12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
A key risk to our economy and security continues to be the shortage of cybersecurity professionals to safeguard our ever-expanding cyber ecosystem. Raising the next generation of interested and capable cybersecurity professionals is a starting point to building stronger defenses. There are limitless opportunities to educate students of all ages – from high school into higher education and beyond – on the field of cybersecurity as they consider their options. In addition, veterans and individuals who are looking for a new career or re-entering the workforce, should explore the multitude of well-paying and rewarding jobs available. Week 2 will address ways to motivate parents, teachers and counselors to learn more about the field and how to best inspire students and others to seek highly fulfilling cybersecurity careers.
Week 3: Oct. 15–19: It’s Everyone’s Job to Ensure Online Safety at Work
When you are on the job – whether it’s at a corporate office, local restaurant, healthcare provider, academic institution or government agency ‒ your organization’s online safety and security are a responsibility we all share. And, as the lines between our work and daily lives become increasingly blurred, it more important than ever to be certain that smart cybersecurity carries over between the two. Week 3 will focus on cybersecurity workforce education, training and awareness while emphasizing risk management, resistance and resilience. NCSA’s CyberSecure My Business will shed light on how small and medium-sized businesses can protect themselves, their employees and their customers against the most prevalent threats.
Week 4: Oct. 22–26: Safeguarding the Nation’s Critical Infrastructure
Our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic consequences for our nation. Week 4 will emphasize the importance of securing our critical infrastructure and highlight the roles the public can play in keeping it safe. In addition, it will lead the transition into November’s Critical Infrastructure Security and Resilience Month, which is spearheaded by the U.S. Department of Homeland Security.
How Cyber Safe is Your Data?
It’s important to note that no individual, business or government entity is solely responsible for securing the internet. Everyone has a role in securing their part of cyberspace, including the devices and networks they use. Individual actions have a collective impact and when we use the internet safely, we make it more secure for everyone. Keep in mind, today’s employees are connected to the Internet all day every day, communicating with colleagues and stakeholders, sharing critical information and jumping from site to site. With hacking, data breaches and ransomware attacks on the rise, it is essential for all companies to plan for the worst, with mandatory cybersecurity training for all employees and with the recommended solutions for mitigating the risks. Today’s data threats don’t discriminate; businesses of all sizes are susceptible to attacks. However, many businesses are often less prepared to deal with security threats than their larger counterparts. The reasons for this vary from business to business, but ultimately it comes down to the fact that most companies often have less resources to devote to cybersecurity efforts.
During National Cybersecurity Month, educated employees to the dangers of cyber threats and focus IT and data security measures on key targets, including:
- Email Safety: Ensure all employees are wary of any email containing an attachment they aren’t expecting, especially if said attachment is a Microsoft Office file. Before clicking on anything, make sure they confirm with the sender (via phone, text, separate email) what it is before opening or clicking anything.
- Website Safety: Malicious websites and malvertisements are designed to look like a page or ad on a legitimate website. These sites can look incredibly real, featuring branding and logos, which is why so many end up giving cyber criminals their personal information or access to directly inject malware onto their systems. Typically, hackers will insert code into a legitimate site which redirects unsuspecting users to their malicious site.
- Antivirus Software: Cybersecurity technology starts with antivirus software. Antivirus, as its name implies, is designed to detect, block, and remove viruses and malware. Modern antivirus software can protect against ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, adware, and spyware. Some products are designed to detect other threats, such as malicious URLs, phishing attacks, social engineering techniques, identity theft, and distributed denial-of-service (DDoS) attacks.
- Network Firewall: A network firewall is also essential. Firewalls are designed to monitor incoming and outgoing network traffic based on a set of configurable rules—separating your secure internal network from the Internet, which is not considered secure. Firewalls are typically deployed as an appliance on your network and in many cases offer additional functionality, such as virtual private network (VPN) for remote workers.
- Patch Management: Patch management is an important consideration as well. Cyber criminals design their attacks around vulnerabilities in popular software products such as Microsoft Office or Adobe Flash Player. As vulnerabilities are exploited, software vendors issue updates to address them. As such, using outdated versions of software products can expose your business to security risks. There are a variety of solutions available that can automate patch management.
- Password Management: Studies have reported that weak passwords are at the heart of the rise in cyber theft, causing 76% of data breaches. To mitigate this risk, businesses should
adopt password management solutions for all employees. Many people have a document that contains all of their password information in one easily accessible file—this is unsafe and unnecessary. There are many password management apps available today. These tools allow users keep track of all your passwords, and if any of your accounts are compromised you can change all of your passwords quickly. Encryption is also an important consideration. Encrypting hard drives ensures that data will be completely inaccessible, for example if a laptop is stolen. - Data Protection: Taking frequent backups of all data considered critical to your business is critical. The exact frequency of backups will vary based on your business’ specific needs.
Traditionally, most businesses took a daily backup, and for some businesses this may still be suitable. However, today’s backup products are designed to make incremental copies of data throughout the day to minimize data loss. When it comes to protecting against cyber attacks, solutions that back up regularly allow you to restore data to a point in time before the breach occurred without losing all of the data created since the previous night’s backup. Some data protection products can take image-based backups that are stored in a virtual machine format—essentially a snapshot of the data, applications, and operating system. This allows users to run applications from the backup copy. This functionality is typically referred to as instant recovery or recovery-in-place.
Want to know more? Contact the Cybersecurity experts at CompuData today!