20 Years Of Cybersecurity Awareness Month: Leveling Up The Basics

Mike Britton is the Chief Information Security Officer at Abnormal Security, a leading behavioral AI-based email security platform. Cybersecurity Awareness Month is here, and like every year, it marks a moment for organizations to reflect on their cybersecurity practices. We know that strong passwords, MFA, software updates and phishing recognition cover the best practice basics. The most effective techniques and tools to support them are evolving, and what worked well five years ago might not work as well today. Using a strong password is required in most organizations, but there is a difference between compliant and quality passwords. A compliant password may stipulate a minimum of seven characters and require both numeric and alphabetic characters. This doesn't necessarily prevent the use of predictable passwords that can be brute-forced. With a dedicated password manager users can create and track dozens of machine-generated passwords that are highly complex, secure, and unique to each application. Using a premium password manager like 1Password is preferable to using a free, browser-based option, but any attempt to improve unique password creation and management can immensely enhance your first line of defense. Most organizations are familiar with MFA, and it's common to see enterprises use two-step verification, like a password plus a one-time code delivered to the user's phone. Outdated software can expose vulnerabilities that create open doors for attackers to infiltrate corporate networks. Automated patch management solutions can free up security teams from hours spent on manual patch updates, doing the job for them more quickly, securely and efficiently. Recognizing phishing attacks is getting harder as more cybercriminals use social engineering to write highly personalized and seemingly legitimate messages that can fool even the sharpest recipients. Security awareness training programs, while important, have largely focused on helping employees spot the telltale signs of a phishing attack, like poor spelling and grammar. With generative AI, threat actors can eliminate these characteristics, making email attacks near-impossible to detect. Security awareness training should be paired with advanced technology to catch any attacks that might slip past the naked eye. Security solutions built natively with AI technology can put organizations in a better position to understand what normal behavior looks like in their email environment and detect deviations that may indicate a potential attack, even when there aren't any overt signs of malicious activity. Even on its 20th anniversary, CSAM continues to push the same advice that we've seen for the last several years. Strong passwords, MFA, software updates and the ability to detect phishing attacks are foundational practices that every security team, no matter how big or small, should be adopting. Keeping up to date with the latest security tools and techniques as they adapt to the shifting threat landscape will be key to keeping your organization safe.

This Cyber News was published on www.forbes.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to 20 Years Of Cybersecurity Awareness Month: Leveling Up The Basics

Developing Cybersecurity Awareness Programs for Schools - Schools are increasingly becoming targets for cyberattacks, necessitating the development of robust cybersecurity awareness programs. Ultimately, a comprehensive cybersecurity awareness program is essential for schools to mitigate risks, enhance ...
11 months ago Securityzap.com
Cybersecurity Awareness Campaigns in Education - Cybersecurity awareness campaigns in education are essential to protect digital systems and information. The target audience for cybersecurity awareness campaigns in education includes students, teachers, administrators, and other staff members. ...
11 months ago Securityzap.com
ISB Cybersecurity Awareness Month: Expert Tips - Information Security Buzz spoke with several security experts and asked them, “What’s the one piece of advice that could make a difference?” Their responses highlight that cybersecurity is not one-size-fits-all—each organization must tailor ...
2 months ago Informationsecuritybuzz.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
11 months ago Securityzap.com
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
11 months ago Securityzap.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
6 months ago Feeds.fortinet.com
Understanding CAT Culture in Cybersecurity: Collaboration, Awareness, and Training - In the dynamic and ever-evolving landscape of cybersecurity, organizations are increasingly recognizing the importance of fostering a robust security culture to mitigate risks and safe-guard sensitive data. One such approach gaining traction is the ...
7 months ago Cybersecurity-insiders.com
20 Years Of Cybersecurity Awareness Month: Leveling Up The Basics - Mike Britton is the Chief Information Security Officer at Abnormal Security, a leading behavioral AI-based email security platform. Cybersecurity Awareness Month is here, and like every year, it marks a moment for organizations to reflect on their ...
1 year ago Forbes.com
Q&A: How One Company Gauges Its Employees' Cybersecurity 'Fluency' - Professional services firm TAG.Global now requires that all of its employees complete a cybersecurity fluency assessment test as a way to raise awareness on threats and to reinforce responsibility for information security among its users. Talhouni ...
10 months ago Darkreading.com
Cybersecurity Awareness Month: Microsoft resources for security teams | Microsoft Security Blog - Help educate everyone in your organization with cybersecurity awareness resources and training curated by the security experts at Microsoft. The report found that 10.4% of phishing simulation participants clicked the email phishing link they were ...
2 months ago Microsoft.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
5 months ago Techtarget.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
10 months ago Securityzap.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
10 months ago Legal.thomsonreuters.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
11 months ago Securityzap.com
Cybersecurity Awareness Doesn't Cut It; It's Time to Focus on Behavior - I know I shouldn't drink Diet Coke, but every few weeks I find myself happily sipping from another silver can. Heck, it even says right on the can, "Warning: Contains phenylalanine." But awareness of some mysterious chemical isn't going to stop me ...
1 year ago Darkreading.com
How to Safeguard Your Data Through Security Awareness Training? - As cybercriminals employ increasingly advanced tactics, IT security awareness training becomes a pivotal defense mechanism. This article delves deeper into the imperative of such training and provides actionable tips to enhance the effectiveness of ...
7 months ago Cybersecurity-insiders.com
Key cybersecurity skills gap statistics you should be aware of - As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger. The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in ...
11 months ago Helpnetsecurity.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
11 months ago Securityintelligence.com
Gamification in Cybersecurity Education - Gamification has become increasingly prevalent in numerous domains, including cybersecurity education. Gamification presents a promising approach to meet this challenge, making cybersecurity education both effective and enjoyable. One way to ...
11 months ago Securityzap.com
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
11 months ago Darkreading.com
Passkeys And Cybersecurity Awareness: A New Era Of Business Security - Again, in line with Cybersecurity Awareness Week, consider using password managers—a great tool to store and manage passkeys that provides a seamless way to integrate advanced authentication methods while keeping credentials safe and easily ...
2 months ago Informationsecuritybuzz.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
1 year ago Feeds.dzone.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
11 months ago Securityzap.com
Lost in Translation: Mitigating Cybersecurity Risks in Multilingual Environments - With increased connectivity and linguistic diversity comes a new set of cybersecurity risks. This article will delve into the unique cybersecurity challenges in multilingual environments, focusing on solutions and best practices to mitigate such ...
11 months ago Cyberdefensemagazine.com
Cybersecurity Workshops for Students - Cybersecurity workshops for students serve as an effective means to educate and empower the younger generation in protecting their digital assets. With proper planning and organization, cybersecurity workshops enable students to navigate the digital ...
11 months ago Securityzap.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)