Cybersecurity Awareness Should be More than a Month

“If you connect it, protect it!”

Cybersecurity Awareness Month ends as a new cybercrime activity report sees malware samples growing by 11.5%

The 17^th year of National Cybersecurity Awareness Month officially wrapped up this past October. Launched in 2004 by the National Cybersecurity Alliance and the U.S. Department of Homeland Security, the month is intended “to ensure every American has the resources they need to stay safer and more secure online.” 

While its original safety and security mission remains unchanged, Cybersecurity Awareness Month’s themes have transformed in the years since its inception, as the world of cybersecurity and cybercrime has shifted. (The 2004 key message focused on the reminder to “update your antivirus software twice a year”—oh, for the good ole days!) The 2020 theme recognized the role that every connected individual and organization plays in cybersecurity. The theme “Do Your Part. #BeCyberSmart.” and the tagline “If you connect it, protect it.” encouraged individuals and organizations “to own their role in protecting their part of cyberspace.”

Studies support the need for every connected individual and organization to do their part to prevent and slow cybercrime. The Q2 2020 cybercrime activity report from a well-known cybersecurity firm cited an average of 419 new threats per minute, with overall new malware samples growing by 11.5%.

This same study reported COVID-19-themed cyber-attack detections increasing by 605% in Q2 2020, PowerShell malware surging by 117%, and attacks on cloud services users reaching almost 7.5 million.

There is no doubt that cybersecurity has become far more complicated, with something as simple as a smart lightbulb now having the ability to transmit malware. With increased global connectivity through portable devices, such as laptops, mobile phones, and tablets, comes the need to not only protect but also educate the average consumer to help them understand what today’s cybercrime looks like and what they need to do to protect themselves and the organizations they work for and associate with. 

In the 17 years since the first cybersecurity awareness month, we’ve also seen increasingly sophisticated threats, with cybercriminals becoming savvy psychologists (some may say sociopaths) as “socially engineered cyberthreats” play upon the average individuals’ anxieties around global uncertainty, natural disasters or terrorist threats. Cybercriminals have also become talented marketeers, producing highly realistic looking emails and phishing-focused websites that can entice even the most cyber-aware individuals.

National Cybersecurity Awareness month is a great promotional tool. Still, to ensure the effectiveness of its messages, individuals and organizations worldwide need to begin thinking about cybersecurity every day, with every single email that shows up in an inbox, with every document that is opened and with every web link that is clicked.

Individuals and organizations also need to recognize that cybersecurity isn’t just up to IT professionals. Group vigilance and creativity are essential. As we mentioned in this previous blog article, legal professionals can leverage existing regulations to stop criminal activity; recruiters and HR professionals can more broadly define the skills needed for cybersecurity positions; and individuals can apply some basic safety rules, such as not clicking on links and attachments in suspicious emails.

Cybersecurity is a group effort that covers both the office and the home and requires the support of everyone that touches a digitally connected device.

Remember—“If you connect it, protect it!”