Cybersecurity Awareness Month 2022

 

As the millennium dawned, the rapid growth of the internet from a U.S. government project to an interconnected computer network that underpins society meant cybercriminals had more devices to exploit than ever before – and the techniques they used to execute cyberattacks were becoming increasingly sophisticated.

By 2004, cybercrime was booming amid this ever-expanding attack surface. For example, the number of known viruses broke the 100,000 barrier and phishing attacks – which are responsible for around a quarter of all data breaches today – were recording growth rates of more than 30%.

In the face of this very real threat, something had to be done to highlight the significance of cybersecurity – so businesses could fight back. In the U.S., the National Cybersecurity Alliance and the Department of Homeland Security joined forces to establish a month dedicated to learning how to remain safe online: National Cybersecurity Awareness Month.

The initiative was created as a collaborative effort between government and industry to raise awareness about digital security and empower everyone to protect their data from cybercrime. The month is dedicated to creating resources and establishing channels of communication that help organisations talk to their employees and customers about staying safe online. It emphasises personal accountability, the value of a collective effort in the fight against cybercrime, and the importance of taking proactive steps to enhance cybersecurity in the workplace.

Now in its 19th year, the sustained success of this worthwhile initiative has seen it recognised by countries around the globe – including the UK where the Cyber Security Council will be holding several events during October, and Europe where it’s the 10th anniversary of the European Cybersecurity Month this year.

Joint founder of the original event, the National Cybersecurity Alliance stresses the value of raising awareness about combatting cybercrime in the digitally enabled world we live in today: “In these tech-fuelled times, our homes, societal well-being, economic prosperity, and nation’s security are impacted by the internet. If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences, or training employees – our interconnected world will be safer and more resilient for everyone.”

Each year a new theme is chosen for the month to focus everyone’s attention on pertinent topics that are relevant to the current threat climate. Recent themes include: “Do Your Part. #BeCyberSmart.” and “Own It. Secure It. Protect It”. The theme for Cybersecurity Awareness Month 2022 is: "See Yourself In Cyber".

With the threat landscape constantly evolving as cybercriminals develop innovative attacks to fit new trends – it was reported that during the Covid-19 pandemic, cybercrime increased by 600% – while tweaking existing attacks to avoid detection, achieving robust cybersecurity can seem daunting. This year’s theme aims to remind and reassure internet users – including businesses – that there are many simple ways they can keep private information and data secure when browsing and using the internet.

During October, Cybersecurity Awareness Month will illuminate the importance of four key behaviours:

• Enabling multi-factor authentication: When activated, this requires anyone logging into an account to navigate a two-step process to prove their identity, making it twice as hard for cybercriminals to compromise an online account.
• Using strong passwords and a password manager: Creating, storing, and remembering online passwords is part of everyday life. This first line of defence against cybercriminals and data breaches can be enhanced using free, simple-to-use password managers.
• Updating software: This is perhaps the simplest of the four key behaviours. This involves installing software updates and patches strategically as soon as they become available. Therefore, for a proactive approach, devices should be set up to auto-update software.
• Recognising and reporting phishing: Phishing – when cybercriminals use fake emails, social media posts or direct messages to trick people into handing over confidential data or installing malware onto their device – can be avoided when you know what to look for.

Risk professionals at all levels – from Chief Information Security Officers to cybersecurity engineers – will be encouraged to take a risk-based approach and focus on the behaviours most important to their organisation. Cybersecurity Awareness Month provides a platform for these cybersecurity champions to both pass on their knowledge and learn more about the dynamic world of cybersecurity.