2021 National Cybersecurity Awareness Month has kicked off with the goal of improving awareness of cybersecurity and the importance of adopting cybersecurity best practices to make it harder for hackers, phishers, and online scammers to succeed. Digital safety and security have never been more important, with cyberattacks on businesses at record levels and ransomware gangs conducting huge numbers of attacks.
“Our Nation is under a constant and ever-increasing threat from malicious cyber actors. Ransomware attacks have disrupted hospitals, schools, police departments, fuel pipelines, food suppliers, and small businesses — delaying essential services and putting the lives and livelihoods of Americans at risk,” said President Biden in a statement. “Any disruption, corruption, or dysfunction of our vital infrastructure can have a debilitating effect on national and economic security, public health, and our everyday safety.”
Cybersecurity Awareness Month was launched in 2004 by the National Cyber Security Alliance and the United States Department of Homeland Security with the goal of improving security awareness with the public to help individuals stay safe online. Now in its 18th year, the initiative has grown in scope and has significantly improved its reach. In addition to encouraging individuals to take greater care to improve security and protect their privacy online, there is also a major focus on encouraging businesses to take steps to improve their cybersecurity measures and ensure they provide high quality security awareness training to their workforce and implement safeguards to better protect their systems and sensitive data.
Each National Cybersecurity Awareness Month has a different theme and aims to improve awareness of different aspects of cybersecurity, in line with the latest digital threats. This year’s overall theme is “Do Your Part. #BeCyberSmart,” and aims to raise awareness of the role every individual must play in cybersecurity. Cybersecurity is not the sole responsibility of the IT department. Every individual needs to take steps to help improve the security of their organization and is responsible for protecting their own privacy in an increasingly digital world.
Each week in October is focused on a different theme:
- Week 1: Be Cyber Smart.
- Week 2: Fight the Phish!
- Week 3: Explore. Experience. Share.
- Week 4: Cybersecurity First
Week 1 is concerned with improving security awareness and encouraging individuals and businesses to follow cybersecurity best practices. Best practices include setting unique, strong passwords for all accounts, a practice made much easier by using a password management solution. 2-factor or multi-factor authentication should be configured for accounts, especially sensitive accounts such as online banking. Multi-factor authentication can prevent the majority of brute force password guessing attempts from succeeding. Software updates are not optional measures, they are vital for ensuring exploitable vulnerabilities are addressed and should be implemented promptly and never ignored. Given the increase in ransomware attacks, it is also vital to backup data to ensure recovery is possible without having to pay a ransom.
Week 2 is concerned with taking steps to counter phishing attacks – the most common method used by hackers to gain access to accounts and sensitive data. The 2019 Verizon Data Breach Investigations Report indicates 80% of all reported security incidents were phishing attacks and phishing attacks have been rampant during the COVID-19 pandemic. These attacks can be prevented by using email security solutions and taking care when opening emails, attachments, and clicking links in emails.
Week 3 is concerned with improving awareness of career opportunities in cybersecurity, highlighting Cybersecurity Career Awareness Week led by National Initiative for Cybersecurity Education (NICE) and encouraging individuals, young and old, to consider employment in this dynamic industry.
The final week of the month is focused on encouraging businesses to make security a priority, which includes building security protections into their products and processes, making sure the on-boarding of employees includes cybersecurity training, and providing ongoing security awareness training to the workforce.
“Since its inception, Cybersecurity Awareness Month has elevated the central role that cybersecurity plays in our national security and economy., said President Biden. “I encourage all Americans to responsibly protect their sensitive data and improve their cybersecurity awareness by embracing this year’s theme: “Do Your Part. Be Cyber Smart.”