Developed in 2004, Cybersecurity Awareness Month is all about bringing awareness and sharing information on cybersecurity topics. Many people still think that if they are not technical or if they don’t work in cybersecurity, there is nothing they can do to help. I disagree and am glad that this year’s theme for Cybersecurity Awareness Month is “See Yourself in Cyber” and focuses on the people element of cyber and the idea that cybersecurity is for everyone.
You may have picked up on the fact that calling people the weakest link in cybersecurity drives me crazy. I am a proponent that people can be your strongest defense IF your organization takes the time and makes the effort to educate and inform them on a regular basis. Quick annual, dry as melba toast is not the way to make the information stick. Cybersecurity training needs to be consumed in short snippets and made to be enjoyable (something that training company Wizer recently pointed out in their extremely entertaining ad – note, Tego and I are not affiliated with or advocating the company, I simply love the ad and the point it makes!) And cybersecurity awareness training is not a one-size, fits all approach. If your organization has someone in HR is a habitual phishing test clicker, then that person may need a bit of extra guidance/training versus the cyber-savvy HR person that never clicks on anything.
CISA has four actions that each and every one of us can do to better protect ourselves, our families, and the organizations that we work for. Boiling it down to four items seems to be simple and it is. While there is no silver bullet to stop cyber-attacks, taking these four steps will go a long way:
- Think Before You Click (Would the IRS really contact you via email and threaten you? The answer is no!)
- Update your software (and don’t forget about all your smart, internet-connected devices like your cameras, tv, refrigerator, etc!)
- Use strong passwords (and don’t reuse them on different websites!)
- Enable multi-factor authentication (also known as MFA or 2FA)
Four fairly simple steps that all of us can take to be more cyber-savvy and not become victims of cyber-criminals and scammers. #BeCyberSmart #SeeYourselfInCyber #CybersecurityAwarenessMonth