Every October since 2004, we celebrate Cybersecurity Awareness Month (CAM). This collaboration between government and private sector businesses is designed to raise awareness for digital security. It began in the U.S. and is now recognized in multiple countries.
Cybersecurity isn’t always the most exciting topic around the office. And oftentimes, employees see it as something “for IT to worry about.”
What CAM does is remind us that cybersecurity is a team effort, and everyone can play a part. This not only benefits data security at work, but it also helps people protect their own personal data.
As our digital footprint continues to grow, so do the threats we face in the online world. This Cybersecurity Awareness Month explores how to effectively promote security basics to keep ourselves, our businesses, and our communities safe in the digital age.
Promoting Security Basics: Four Key Behaviors
This year, CAM focuses on four key behaviors that can improve overall digital security significantly. Did you know that about 88% of data breaches are caused by human error? That’s a shocking number, but also one that offers hope.
If human mistakes are responsible for a majority of breaches, then it means they can be corrected to improve cybersecurity substantially. Often, simple good cyber hygiene can reduce those errors in a big way.
This October, promote the following key behaviors that everyone can do to improve their cybersecurity.
1. Use Strong Passwords & a Password Manager
Emphasize the importance of strong, unique passwords for every online account. If your cloud tools have the option, require passwords to have the following parameters and reject those that don’t:
- At least 12 characters long
- At least 1 number
- At least 1 special character
- At least 1 upper case letter
- At least 1 lower case letter
Passwords should also be unique and more than 1 character different than another password. (Let your team know that it’s not okay to just put a different number at the end of the same password to “change” it.)
How does everyone remember all those difficult passwords? A password manager! Encourage the use of a password manager to generate and store complex passwords securely. The best way to do this is to sign up for a business account so all employees can be provided the same password manager app to use.
2. Turn on Multifactor Authentication (MFA)
Multifactor authentication (also known as two-step verification) should be turned on with every account that has the option. It adds an extra layer of security to your online accounts by requiring a second verification step, typically a code sent to your mobile device.
Microsoft has stated that it is 99.9% effective at blocking fraudulent sign-in attempts. It can keep a hacker out of your cloud account even if they’ve compromised your password.
3. Recognize & Report Phishing
Phishing is the most common method used by cybercriminals to trick individuals into revealing sensitive information or installing malware. It has become very sophisticated over the years and can often be difficult to spot. Ongoing awareness training is recommended to keep your team up to date on identification techniques.
Training yourself and your colleagues to recognize phishing attempts is the first step. Don’t forget to include how to report phishing. If the first person who identifies a phishing email reports the incident, others in the office can be made aware before one falls for the trap.
Set up steps on how to report suspected phishing and let your team know. Just having that place to get a verification can keep someone from reacting to a message and making a click they’ll regret.
4. Update Software
Keeping your software, operating systems, and applications up to date is a fundamental aspect of cybersecurity. Regular updates and patch management help fix known vulnerabilities and protect your systems from exploitation.
With so many devices being used for work, it’s important to update them all. This includes computers, printers, smart devices, mobile phones, tablets, wearables, and anything else that connects to the internet.
Activities for Cybersecurity Awareness Month
Make CAM and learning about digital security as fun as possible to help employees retain the information.
Here are a few activities you can plan in October:
- Phishing Identification Workshop: Host an interactive workshop where everyone can participate. Use visuals like common signs of phishing printed on fish shapes to liven up the training.
- Malware/Security Hero Costume Contest: The week of Halloween, hold a costume contest, but make the costume theme either a type of malware or a security best practice.
- Cybersecurity Challenges and Quizzes: Engage your team with fun and educational challenges or quizzes related to cybersecurity. Offer fun prizes, like candy or company logo items.
- Promote Online Resources: Share informative articles, infographics, and videos on your website and social media platforms, and encourage your team to join in.
Get Expert Cybersecurity Training & Solutions from B-Comp Services
Need some help improving your company’s cybersecurity? From employee training to software solutions, B-Comp Services can help your Denver area business reduce your risk of an attack.
Contact us today for a consultation. Call at 303-282-4934 or contact us online.