What Are You Doing for Cyber Security Awareness Month?

This October is Cyber Security Awareness Month, an event designed to educate people about information security and the steps they can take to stay safe online.

Now in its nineteenth year, the campaign provides tools and resources to help people learn more about the cyber security industry and the ways they can get involved.

This year’s event focuses on phishing and ransomware – two of the biggest threats that organisations currently face.

According to Proofpoint’s 2022 State of the Phish Report, 83% of organisations fell victim to a phishing attack last year. Meanwhile, Verizon’s 2021 Data Breach Investigations Report found that 25% of all data breaches involve phishing.

The attack method is often used to deliver ransomware, which itself is responsible for significant damage. Our research discovered more than 100 publicly disclosed ransomware attacks in the first half of 2022, with intrusions shuttering businesses and creating huge financial problems.

Getting involved

There are events being held throughout October as part of National Cyber Security Awareness Month. Both national governments and private organisations have supported the campaign and are running programmes online and in person.

You can find a full list of events on Stay Safe Online, where you can also find information security tips.

The theme of this year’s campaign is ‘See Yourself in Cyber’, and individuals are encouraged to get involved online with the hashtag #BeCyberSmart.

A key component of that is protecting yourself from scams. The campaign reminds people that: “The signs can be subtle, but once you recognize a phishing attempt you can avoid falling for it.

“Before clicking any links or downloading attachments, take a few seconds (like literally 4 seconds) and ensure the email looks legit.”

The campaign also highlights the benefits of multi-factor authentication, strong passwords and regularly updating software.

How IT Governance can help

You can also keep up with the latest developments in Cyber Security Awareness Month by following IT Governance on LinkedIn. We’ll provide the latest updates on the campaign to help you get involved in events near you.

Plus, our experts will provide quick and simple tips to boost your cyber security awareness. Did you know, for example, that one of the most effective ways to boost your defences is also one of the simplest: ensuring that your accounts are protected by strong, unique passwords?

This applies not only to login credentials but also to databases and other sensitive information that you store online. The InterContinental Hotel Group was recently caught out by a cyber attack, after criminal hackers discovered a database protected by the password ‘Qwerty1234’.

The breach enabled the attackers to access the most sensitive parts of the hotel giant’s computer systems, and ultimately led to a phishing attack in which an employee was duped into downloading malware that destroyed huge volumes of sensitive data.

Another top tip for preventing cyber attacks is to conduct simulated phishing attacks. These are messages that use the same techniques as genuine scams without the malicious payload.

The attacks give you the opportunity to monitor how your employees respond to a bogus email. Do they click a link right away? Do they recognise that it’s a scam and delete it? Do they contact the IT team to alert them to the threat?

Simulated phishing is an essential technique in an organisation’s cyber security practices. It complements traditional staff awareness training by letting you assess the effectiveness of your programme in a real-world scenario.

You can find out more about the techniques you can use to prevent phishing attacks, and how IT Governance is supporting Cyber Security Month, on our website.