Awareness of security and cyber attacks is now part of the enterprise psyche. This attention to the state of cyber security is driven by increasing cyber attacks and high-profile cases of ransomware and data breaches.
The Verizon Data Breach Investigations Report (DBIR) has established that the human element is an overwhelming factor in cyber attacks (82%), so any focus on the human role in cyber security is a vital component needed to ensure an organisation is safe.
However, there is still a need to improve Security Awareness Training, with around a fifth of companies feeling that their employees lack proper awareness training to avoid cyber attacks.
To keep security awareness in the public eye and to help optimise company training initiatives, there are several coordinated security awareness months worldwide, including the U.S. National Cyber Security Awareness Month (NCSAM) and the European Cyber security Month. NCSAM takes place in October and the program offers various ideas and resources to help to keep Security Awareness Training relevant and engaging.
What’s National Cyber security Awareness Month (NCSAM) About?
National Cyber Security Awareness Month has something for you no matter where your organisation is located. The initiative is now in its 19th year and draws in experts, vendors, businesses, and governments worldwide. Each year has a theme; in 2022, the theme is “See Yourself in Cyber,” and the hashtags to watch out for are:
Events and resources from the 2022 NCSAM will focus on “people”.
Prior to, during, and after National Cyber Security Awareness Month, you can pop over to the NCSAM site to find information and resources to help educate individuals and employees on making the right choices when faced with cyber-risks.
Nearer to the October awareness event will also find local and vendor events that build upon the resources and ideas from NCSAM for 2022. The NCSAM ethos is always about collaboration and working together across industry, partners, and employees to create your flavour of cyber awareness campaigns and share cyber-safe messaging with everyone in your circle and beyond.
Ideas to Use for Cyber Security Awareness Month
Security awareness is critical to securing an organisation, and any help optimizing cyber security awareness initiatives should be explored.
The Verizon Data Breach Investigations Report (DBIR) establishes the human element aspect of cybercrime, pulling out social engineering and phishing as two of the most common tactics used to trick employees into providing login credentials and other data. Further research from Kaspersky has identified “careless or uninformed staff” as the second most likely cause of a security breach.
National Cyber Security Awareness Month focuses on breaking the human-centric cyber-threat cycle by emphasising the human being’s role in maintaining a secure cyber environment.
Four of the umbrella actions that NCSAM highlight for the 2022 program are:
- Enable Multi-Factor Authentication
- Use Strong Passwords
- Recognize and Report Phishing
- Update Your Software
An enterprise should try to focus on these four key areas as a basis to optimise any cyber security training initiatives. Some ideas based on these areas include:
“Keep Passwords Strong to Keep the Cybercriminals at Bay”
Proverbs and sayings play a large part in human behaviour, after all, a stitch in time saves nine and when in Rome, do as the Romans do.
One idea to engage staff is to create a game where employees make up proverbs, sayings, or short rhymes that can help people remember important security hygiene, such as always using a strong password or reporting a cyber security incident. Offer prizes for the best and use the winning proverbs in your training.
Play Cyber Security Games
Use interactive resources that take employees through typical scams and security attacks. For example, gamified training helps employees to learn and remember their training. You can even extend this to create more exciting and fun cyber security games along the lines of ‘escape rooms”.
Place Posters in Key Work Areas
Put colourful posters around the office that help to teach employees about cyber security attacks and security hygiene. You could also encourage employees to create security posters and offer a prize for the best. These posters can then be used to help employees to remember important security advice throughout the year.
Phish your Employees
Phishing simulation platforms are an excellent way to dive deep into the impact of phishing. Use the theme of NCSAM 2022 to influence the creation of simulated phishing emails using templates. For example, show how important having a second factor is by showing how easy it is to steal a password.
The 2022 National Cyber Security Awareness Month has been ongoing since 2004 and has helped countless businesses to create more effective security training programs for employees.
Our employees are at the leading edge of countering cyber attacks because human beings are often a focal point of a cyber attack. By empowering your employees with security knowledge, a company can redress the balance of cybercrime over cyber-safety. National Cyber Security Awareness Month is an important collaborative way to do this and engage, inform, and pull businesses, individuals, vendors, government bodies, and experts together to fight cybercrime.
Resources for Cyber Security Awareness Month and Beyond:
Free eBook on “Cybersecurity for Dummies”
Webcast on “Best Practice for Cyber Security Awareness Month”