Categories Blog National Cybersecurity Awareness month: this month’s theme highlights Post author By Rajkumar Post date January 6, 2023 No Comments on National Cybersecurity Awareness month: this month’s theme highlights Home Blog Topic National Cybersecurity Awareness month: this month’s theme highlights Today we are spending a quarter of our lives in the digital world so it should come as no surprise that cybersecurity is a must for all of us. Why are we talking about it? Simply because It is National Cyber Security Awareness month. It is in October that it is celebrated around the globe. It is led by the National Security Alliance and the government in the US. Given how important our physical security is, the presence of cybersecurity is equally vital today. This is because external threats have affected organizations in unimaginable ways costing them millions of dollars and loss of sensitive personal and financial data. This year’s cybersecurity awareness month’s theme is “See yourself in cyber”. And today we are going to look into these behaviors individually and understand how we adopt them through various practices. Why is cybersecurity awareness important? Cybersecurity awareness helps employees stay aware of the most recent cyber threats that can affect them in the most damaging way. It is about what they know and what they do to protect their most important assets where they store key personal and financial information. It is to raise the importance of cybersecurity. Why is cybersecurity awareness important? If you want your organization to prevent cyberattacks better then you need to create higher awareness among your employees regarding cyber security. These are the 3 ways in which you can do various ways such as follows: Get leaders to do the talking What the leaders of the organizations say makes a huge difference. Therefore, organizational leaders need to take up the topic of cybersecurity and start talking about it. Soon others will notice it as something that is important and should be paid attention to. Train and test people One of the best things you can do to promote cyber awareness at the workplace is to train people but make sure that it is interactive and practical else it will fail. You can also run tests to gauge whether they have understood the concepts trained. For example: to identify phishing emails sent through a fake identity, to test whether they change their passwords regularly, etc. Recognize and encourage people In order to motivate people to take steps for increasing their cybersecurity awareness, you need to recognize those who are already taking steps and measures to increase their cyber readiness. This way, others shall follow them in increasing their cyber readiness. “See yourself in cyber”: 4 key behaviors to adopt 1. Use strong passwords and a password manager Using a password manager is a wise thing to do if you don’t want to keep track of all of your credentials in one place. It is an encrypted cloud-based platform where you can store all of your passwords. You might know Mozilla Firefox and Google Chrome’s password managers. Remember when you create an account somewhere and when you click on create a password, that window pops up saying ” wanna create a new safe password?”. That is nothing but an embedded feature of password managers. It allows the user to generate a new encrypted password that is highly secure. Why do you need a password manager? This is simply because in case you use the same password in multiple locations, it is easier for bad actors to hack into your account and access all of your sensitive data. With a password manager, you can create a password that is safe and encrypted such that you create a new secure password every time you create an account somewhere. But one research report says that people don’t trust password managers enough to use them. In case you don’t wanna use the password manager, we recommend that you create a strong password that is secure enough to protect your account. We suggest that you don’t use any personal information such as your name, your pet’s name, etc. One of the best ways to keep a secure password is to generate one using the password manager’s password generator. Here is a list of some of the most common passwords to avoid: password 123123 123456 Welcome 111111 000000 112233 princess Qwert 123,456,789 2. Enable Multi-Factor authentication Above we discussed how using strong passwords and a password manager can save you from the trouble of being compromised. But passwords aren’t enough when it comes to securing your sensitive data and information online. According to one research, over 15 b passwords are sold on the dark web at any time. And bad actors use this as a means to initiate cyber attacks. Most of the breaches are a result of stolen passwords. This is because passwords only serve as one layer of security that is vulnerable to compromise. Therefore it is critical to increasing the level of security of your accounts online. It can be done by adding another layer of security which is Multi-Factor Authentication (MFA). Adding multi-factor authentication to your online accounts can prevent most cyber attacks. But sadly, not many people even know what MFA is let alone protect their account using it. So let us take a closer look into what MFA is. Multi-Factor Authentication is an additional layer of security that is beyond passwords. It involves logging in using an authenticator application or asking the user to input a set of information that is sent to their mobile devices. Upon input, the user may log in to their account. However, MFA isn’t just limited to codes, it can also include a secure question or even biometric authentication. Remember that you were asked a security question before logging in to your bank account? That is nothing but Multifactor authentication! This is commonly used by institutions where there is sensitive financial information involved but we suggest that you use it in all of your work accounts as well as private accounts where you have stored sensitive information. Keeping MFA as an additional layer to your account security can save you a lot of time and expense that you would otherwise have in case of a breach. It can help you identify sites that are genuine and prevent threats of attacks from both inside and outside your organization. You should use MFA in all of the accounts where you store personal info such as social media, wherever you store your financial information such as online stores or banks, and all of your work info such as your work account. 3. Update Software According to research, it was found that over 34% of people rarely update their devices’ software and it is not a shocker that these are some of the devices that are vulnerable to any form of cyber attack. This is because attackers often exploit vulnerabilities in the software to steal sensitive information. Bad actors often look to exploit Common Vulnerabilities and Exposure (CVE) in the software which can be lethal without updates or patches of some kind. Patches and updates are essential since they ensure that all the CVEs and recent vulnerabilities are taken care of in the software. This protects you from bad actors who are looking for a way to bypass your device’s security by exploiting your device’s vulnerabilities. Updating your device’s software is also one of the most simple ways to upgrade your device’s security. It is also one of the easiest behaviors to adopt among the four. It is vital to make sure that before installing any updates to your device, you must check that it is legitimate. At work, you must seek consultancy from your IT department before you install any updates. 4. Recognize and Report Phishing Phishing is a social engineering tactic where the attacker impersonates a person of trust and seeks to extract/steal sensitive information through seemingly legitimate pages or URLs. Out of all the kinds of cyberattacks, Phishing is one of the most common cyberattacks. When done through SMS, it is known as smishing. It is important to consider that even an IT expert can fall for a phishing attack because it is a social engineering tactic aimed at key personnel who are vulnerable to being compromised. A good measure for preventing phishing is awareness about it. In a workspace, it is essential to create awareness and conduct drills to make personnel aware of the steps that can be taken to prevent phishing. Appropriate training must be planned for employees regarding phishing and the course of action that can be taken in the occurrence of phishing. Employees should be able to differentiate between genuine and suspicious links that they receive through seemingly genuine emails. They should be trained to cross-verify information of the sender before opening the link that they send through mail. Adoption of this behavior at a personal level means being aware at all times and not opening seemingly suspicious URLs that you receive through emails. It also means being aware on social media platforms of fake friend requests, messages claiming to be genuine, and requests relating to a request for some amount of money. 4 behaviors to adopt: A summary Here are the 4 behaviors that you should adopt to be one step ahead in terms of cybersecurity: Use strong passwords and password managers Enable multi-factor authentication Update your software regularly Recognize and report phishing Increase your cybersecurity readiness with SharkStriker Enhance your cybersecurity readiness with SharkStriker’s 24/7/365 team of experts at SOC and some of our cutting-edge cybersecurity tools which are human-led solutions that are driven by AI/ML. We have the experience and resources you need to step up your organization’s cybersecurity game. SearchSearch Recent Post SharkStriker handshakes with Gateworx as Middle East Distribution Partner for Cyber Security SolutionsJanuary 11, 2023 SharkStriker and Waves Telecom Collaborates to Deliver SAMA and Aramco ComplianceJanuary 11, 2023 Cyber Protect LLC Joins Hands with SharkStriker to Leverage Their White-Labeled Cybersecurity ServicesJanuary 11, 2023 Excitement Galore! SharkStriker Inc. is Interviewed by SafetyDetectivesJanuary 11, 2023 Cybersecurity Firm SharkStriker Unveils its Detection and Mitigation Steps to Fight Log4j VulnerabilityJanuary 11, 2023 On-Demand Webinars Becoming Cybersecurity Compliant in the MEA Region With SharkStrikerJanuary 11, 2023 Leveraging 24/7 SOC-as-a-Service With SharkStrikerJanuary 11, 2023 Expand Cybersecurity Portfolio at Zero Investment with SharkStrikerJanuary 11, 2023 Comply with MEA Cybersecurity CompliancesJanuary 11, 2023 Becoming an MSSP with Zero Investment Using White-label Approach!January 11, 2023 MDR Complete Visibility, Continuous Monitoring& Advanced Threat Protection withAI-backed Incident Remediation. Read Morhttps://sharkstriker.com/services/managed-detection-and-response/e > Latest Post AllBlog Load More Blog Webinar News Guides Videos Data Sheet Services ← Top 10 ransomware attacks (2022 edition) → Here is all the info about the Microsoft Exchange breach Leave a Reply Cancel replyYour email address will not be published. Required fields are marked *Comment * Name * Email * Website Save my name, email, and website in this browser for the next time I comment.