October usually conjures up images of pumpkin spiced lattes, Sunday afternoon football and trick or treating. It’s also National Cybersecurity Awareness Month (NCSAM). Now in its 17th year, the annual observance driven by the Cybersecurity & Infrastructure Security Agency (CISA) continues to work toward its goal of raising awareness about the importance of cybersecurity and ensuring Americans have the resources they need to be safer and more secure online.
For many reasons, this year’s theme, “Do your Part. #BeCyberSmart” seems to resonate even more given everything that’s transpired in 2020. As the world around us is compromised in so many ways we previously never thought possible, having a month designated by CISA to “encourage individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity” feels particularly appropriate. But with the stakes significantly raised due to the frequency and severity of cyberattacks – specifically ransomware attacks – it’s no longer sufficient to only raise awareness, educate and offer up friendly tips. Being “CyberSmart” means recognizing the magnitude of threats that exist and heeding advice from the experts defending against the bad actors who seem to be getting more aggressive, more emboldened and even more organized.
All you need to do is read the daily headlines to understand the seriousness of cybersecurity risks. The spread of disinformation continues amid the impending presidential election, while threats from foreign hackers targeting COVID-19 vaccine research persist. More than 1.2 billion students worldwide have been impacted by school closures and submerged in distance learning, while vast numbers of remote workers are increasingly susceptible to cyber threats. We are now living in an era where the list of warnings is literally endless. This is a moment where well-intended advice needs to become an urgent call to action.
We tapped the insight of a few Matter cybersecurity clients who are intent on educating, rather than stoking fears. They work tirelessly to develop products and services which their customers and partners can use daily to defend against relentless attackers. We asked them what Cybersecurity Awareness Month means to them, and why it matters more in the year 2020. Here is what they had to say:
“The security landscape always changes and always will. Today, that may be the complete breakdown of the traditional ‘perimeter’ around a company’s digital assets or the need to suddenly support a massive shift from office work to work-from-home. Tomorrow, we’ll add new challenges, like the impact of quantum computers on our entire computing landscape. No matter where it goes, security innovators will be there to ensure companies and individuals are able to continue their work and personal activities safely.” – Tim Callan, Chief Compliance Officer, Sectigo
“Cybersecurity takes a ‘village.’ It is not only about the information security team’s actions; it also requires making cybersecurity a foundational element of company culture. To defeat today’s cyber criminals, every employee has a role and responsibility to do their part in preventing cyber risks, detecting threats quickly, and allocating the right business and personal resources for continuous improvement. Companies should have KPI’s related to cross-department level cybersecurity and track these indicators alongside other core metrics. A ‘+security’ mentality will also shift how organizations approach new development and services. This thinking will in turn foster lower risk releases and mitigate downstream challenges associated with viewing security in hindsight.” – Carolyn Crandall, Chief Deception Officer and CMO, Attivo Networks
“NCSAM aptly focuses on ‘If You Connect It, Protect It.’ However, one of the biggest challenges the industry is facing is that of Shadow IT assets – or in other words, systems connected online but not known to the central security team. Shadow IT is on tremendous rise due to remote working, cloud, IoT and API adoption, and causes one third of all breaches. As an industry, we need to have systems in place to proactively discover such blind spots and conduct continuous testing to ensure that enterprises are safe online.” – Bikash Barai, Co-Founder at FireCompass.
We’re continuing to do our part to help raise Cybersecurity Awareness both this month and throughout Q4 with additional content, including our new “Cyberside Chat” video series launching soon. We are sitting down with cybersecurity industry leaders, including company executives, bloggers, industry analysts and VCs, and look forward to sharing with you what we learn. Stay tuned, stay safe and #BeCyberSmart!