Welcome to National Cybersecurity Awareness Month for October 2021!!!
Cybersecurity Awareness Month – observed every October – was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. Cybersecurity Awareness Month was launched by the National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS) in October 2004 as a broad effort to help all Americans stay safer and more secure online.
Since its original inception under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, Cybersecurity Awareness Month has grown exponentially, reaching consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation. Now in its 18th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by NCSA and the Cybersecurity and Infrastructure Agency (CISA).
This month, in addition to the normal monthly Security Awareness Training session, we did something special! Every Monday in October from 12:15pm – 1:00pm EST I hosted a Zoom Meeting where we reviewed a new topic. We’ll be reviewing Infographics, Awareness Posters & Tips and we’ll review some videos, pay a game and discuss the themes for each week.
These were not mandatory meetings, but instead complimentary opportunities to give everyone a little more ammunition this month as Business Email Compromise & Phishing Attacks (Whale/Spear/Smishing/Vishing/Plain-Old-Phishing) are increasing at an exponential rate. If you have time, feel free to watch the videos below. Each one is from our Weekly Lunchtime Cyber-session!
Week 1: October 4th – October 8th
Good Morning & Happy National Cybersecurity Awareness Month!
We are currently at Week 1’s theme which is BE CYBER SMART!
As our lives have become increasingly dependent on technology, virtually all personal and business data is kept on internet-connected platforms, which can become a gold mine for bad actors. The first full week of Cybersecurity Awareness Month will highlight best security practices and focus on general cyber hygiene to keep your information safe. Own your role in cybersecurity by starting with the basics. Creating strong passwords and using multi-factor authentication, backing up your data, and updating your software are great places to start. This is a great way to Do Your Part #BeCyberSmart!
For Week 1, we’re talking about Social Engineering Red Flags, Mobile Device Security & Awareness Tips. Some documents we’ll be reviewing are:
- An Infographic on Email Phishing Red Flags
- An Awareness Tip Sheet on Phishing
- An Awareness Poster on Social Engineering.
Here are the 2 Awareness video’s we’ll be watching:
- Mobile Device Security
- Hackers want to use your mobile device as a gateway to your organization’s data. This interactive module puts the power in our hands so we can protect that data. We will learn about the dangers surrounding Bluetooth, Wi-Fi, apps, and even human error. We will also learn how to protect our organization from these threats, then apply this knowledge in three real-life scenarios.
- 2021 Social Engineering Red Flags
- Join Jenny Radcliffe, world-renowned social engineer and security expert, as she shares her first-hand knowledge of the threats you face on a regular basis from cybercrime. She’ll help you to recognize them by letting you know what red flags, or signs of danger or a problem, to be on the lookout for. Most importantly, she will let you know what steps you can take that will reduce the chances that you and your organization become the hacker’s latest victim
Week 2: October 11th – 15th
Good Morning & Happy National Cybersecurity Awareness Month!
We are now in Week 2 and our Theme for this week is FIGHT THE PHISH!
Phishing attacks and scams have thrived since the COVID pandemic began in 2020 and today, phishing attacks account for more than 80 percent of reported security incidents. Week 2 of Cybersecurity Awareness Month will stress the importance of being wary of emails, text messages, chat boxes or phone calls that come from a stranger or someone you were not expecting. Think before you click on any suspicious emails, links or attachments and make sure to report any suspicious emails if you can! Although last week’s topic helped us prepare for the Front-End of Phishing Attacks by reviewing Social Engineering Red Flags & Mobile Device Security, we’re going to be diving into the set-up for other Phishing Attacks like Vishing & Smishing and discuss what Pre-Texting is.
So, for Week 2, we’re going to be talking about Pre-Texting, Tailgating, Blocking Mobile Attacks & Social Engineering. We’ll be reviewing some documents that were attached to the invitation:
- An Infographic on 20 Ways to Block Mobile Attacks
- An Awareness Tip Sheet on Social Engineering
- An Awareness Poster on Tailgating
We’ll be reviewing tips on Fighting the Phish, I’m going to be sharing 1 Awareness video and we’ll play 1 Game:
- KnowBe4 Pretexting – Fake IT Attack
- In this short video module Kevin Mitnick (world renowned security consultant, public speaker and author) and Rachel Tobac (social engineer and the CEO / Co-founder of SocialProof Security) roleplay a social engineering attack using pretexting. Pretexting is a form of social engineering where the attacker lies to obtain restricted information. In this attack, Kevin explains how he is able to steal the local password and the password for the HR system by pretending to be a member of the IT team.
- 2021 Danger Zone
- Oh no! A hacker is inside your organization and has spotted an unlocked workstation. It is a race against time! Answer security awareness training-related questions correctly, and you will move closer to the workstation. Answer incorrectly, and the hacker will move closer. Stop the hacker, get to that workstation, and save the organization. Game on!
Week 3: October 18th – 22nd
Good Morning & Happy National Cybersecurity Awareness Month!
We are now at Week 3 and this week’s theme is EXPLORE, EXPERIENCE, SHARE!
As per the National Cybersecurity Alliance, Week 3 of Cybersecurity Awareness Month should highlight the Cybersecurity Career Awareness Week led by National Initiative for Cybersecurity Education (NICE). This is a week-long campaign that inspires and promotes the exploration of cybersecurity careers. Whether it’s students, veterans, or those seeking a career change, the dynamic field of cybersecurity is rapidly growing and has something for everyone. If you have an interest in Cybersecurity Career Awareness Week, take a look at the NIST website where this week is specifically outlined: https://www.nist.gov/itl/applied-cybersecurity/nice/events/cybersecurity-career-awareness-week. If you have questions on Cybersecurity careers or certifications for you or your family, please feel free to reach out to me and I will attempt to point you in the right direction.
However, I am still planning on taking this opportunity to share some other Security Awareness information this week. So, for Week 3, we’re going to be talking about Your Role in Internet Security & Creating Strong Passwords. We’ll review some goodies which were attached to the original invitation, which are:
- An Infographic on The Red Flags of Rogue URLs
- An Awareness Tip Sheet on Security Awareness Training
- An Awareness Poster on Don’t Be a Target for Cybercriminals
We’ll also be reviewing tips on Staying Secure! We’ll be reviewing 2 Awareness videos:
- 2021 Your Role: Internet Security and You
- Your Role helps the average employee to understand today’s threat landscape and see that the threats out there are more common than they might think. Whether they are new or needing a refresher on cybersecurity, they will gain a healthy sense of suspicion as they explore their role in keeping their organization secure against these threats. By learning how to spot a cyberattack, an employee can make smarter security decisions every day and help prevent a cybercrime attack that would put their organization and themselves at risk.
- Creating Strong Passwords – Security Awareness Training
- A whopping 81 percent of data breaches used stolen or weak passwords. This module covers important rules for creating strong passwords, including the latest trend in password security — the passphrase. You will also discover ways you can keep your passwords secure.
Week 4: October 25th – 29th
Good Morning & Happy National Cybersecurity Awareness Month!
Well, October sure did come and go, but don’t fret, we have 1 more Theme & Topic to discuss. We are now at Week 4 of National Cybersecurity Awareness Month and the Theme is CYBERSECURITY FIRST.
As per the National Cybersecurity Alliance, Week 4 is all about making security a priority. For businesses, this means building security into products and processes. Make cybersecurity training a part of employee onboarding and equip staff with the tools they need to keep the organization safe. For individuals, keep cybersecurity at the forefront of your mind as you connect daily. Before purchasing a device or online product, do your research. When you set up a new device or app, consider your security and privacy settings and update default passwords. Cybersecurity should not be an afterthought.
Well, anyone can plainly see that we do not take Security lightly OR as an Afterthought! This final week we’ll be discussing Avoiding Cybercrime Anywhere, Password Security & Staying Safe in the Cloud. We will be reviewing an Infographic on 20 Ways to Avoid Cybercrime from Anywhere, Awareness Tips on Password Security & A Poster on CEO Fraud.
We’ll be watching 1 short video and reviewing some tips on Cloud safety:
- Password Management with Kevin Mitnick
- Kevin Mitnick, KnowBe4’s Chief Hacking Officer, shares his tips on password management best practices and his method of creating passphrases.
- Staying Safe in the Cloud
- Using the cloud doesn’t mean we don’t need to have a security mindset. This training module briefly explains what the cloud is and some of the security threats that exist. It then illustrates attitudes and behaviors that reduce the risks from those threats.