Ben Franklin said nothing is certain in life except death and taxes. Well, I want to add a subset to that. October is certain to bring pumpkin spice lattes and Cybersecurity Awareness Month (although I am not digging that August brought Halloween candy to the grocery store aisles this year, a full two months early for the spooky holiday).
Cybersecurity Awareness Month (CSAM) was launched by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security in October 2004 and is an annual campaign to raise awareness about cybersecurity. We take this very seriously. So seriously that CyberRes, a Micro Focus Line of Business, is a CSAM champion, pledging to help promote a safer, more secure and more trusted Internet and to help keep orgs out of the headlines for data breaches.
Getting the Government Involved in Cybersecurity
Although the month-long event is co-led by NCSA and the Cybersecurity and Infrastructure Agency (CISA), it is a collaborative effort between government and industry to ensure every American has the resources they need to be safer and more secure online. In 2021, the US Government really seems to be putting its money where its mouth is, so to speak.
On May 12, 2021, President Joe Biden issued an executive order (EO) on cybersecurity to help improve the state of national cybersecurity in the US and to increase protection of government networks following incidents involving SolarWinds and the Colonial Pipeline hack. The Executive Order outlines the need to modernize cybersecurity defenses in the country. It also calls for opening channels for sharing information relating to cybersecurity threats and breach information. This EO is a call to action to implement good security practices, as well as for the Government and private sector to collaborate and communicate.
Security leaders widely cheered the laundry list of requirements handed down by the Biden administration early in September to shore up security across the federal government, as reported by SC Magazine. That said, a recent report states that while the US government has made progress on cybersecurity, more work remains.
Cybersecurity Awareness Month Themes
A month is a long time to celebrate anything. Luckily, NCSA breaks it up into weekly themes. Week one, starting October 4, is “Be Cyber Smart.” Week two, starting October 11, is “Fight the Phish,” aimed at phishing attacks: the act of bad guys sending seemingly legitimate emails to get the recipient to click on a malicious link or reveal personal information. Week three, starting October 18, is a little different: its theme is Cybersecurity Career Awareness Week, a week-long campaign tucked into the month. Week four then rounds out the month with the theme “Cybersecurity First.”
Week of October 4 (Week 1): Be Cyber Smart
While the 2021 CSAM theme, ‘#BeCyberSmart’, is good advice for individual users and employees (create strong and unique passphrases, don’t fall for phishing attacks), businesses need to be smart and keep their data safe too. The cost of a data breach, as reported by the Ponemon Institute, goes up every year. It is a smart business decision to bolster cybersecurity spending up front, rather than pay later in regulatory fines, lawsuits, lost productivity, revenue, and more importantly, loss of customer trust.
But how to be “Cyber Smart” and not “Cyber Dumb”? (Cyber dumb, a term I just coined myself, trademark pending; see any major data breach in the last 20 years.)
One dumb thing CISA just called out is the use of single-factor authentication, which it added to its list of bad practices. The smart play is multi-factor authentication (MFA). “To receive the full benefit of an MFA capability, organizations should be sure to implement it across all systems, applications, and resources,” CISA wrote.
Even cyber insurers are getting into the act, demanding more robust security by requiring firms to have MFA. Our NetIQ Identity and Access Management solutions form one of the broadest IAM portfolios on the market. Specifically for MFA, NetIQ’s Advanced Authentication framework adds the strongest level of authentication customers require to meet regulatory, industry and client forces – as well as the requirements of cyber insurance providers.
Another dumb thing orgs do? Collect copious amounts of sensitive, personal data and then fail to protect it from hackers or insider threats. Heck, some orgs aren’t even sure where their sensitive data resides. How dumb is that? Smart orgs identify and locate sensitive data and then protect it from prying eyes, whether those originate inside or outside the org.
Okay, okay, I have one more dumb thing to list: rushing apps out the door without a thought for security, thinking they will catch up on it in later updates (see Unsecured fitness app database leaks 61M records, highlights health app privacy risks). Not surprisingly, when contact-tracing apps first started to appear in the summer of 2020, a few months into the COVID-19 pandemic, most of them were found to fail basic security.
What can orgs do to be cyber smart around apps? Use multiple app testing techniques to assess application security risks. Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) complement each other. By layering dynamic analysis on top of static analysis, orgs gain a valuable additional risk metric that lets them see a more complete, real-world risk picture.
Week of October 11 (Week 2): Fight the Phish
Phishing emails are one of the top causes of ransomware attacks. In 2021, the month of May alone saw a 440% increase in phishing, the largest single-month phishing spike on record. But what about the reverse? What about remote workers being their own worst enemy? With the COVID Delta variant still keeping the majority of the nine-to-five workforce at home, remote working is still a thing. Remote workers, in the interest of time or convenience, still resort to communicating via personal, unsecured email systems. Orgs should ensure all employee email content and all attachments are properly secured and sent only to authorized partners, vendors or customers.
One way to protect emails is to use Voltage SecureMail. It provides internal and external email encryption from the originator to the intended recipient. Messages remain encrypted throughout their lifecycle until the recipient decrypts the message. Worried that your employees are using personal accounts to send unsecured email? Try a free trial of Voltage SecureMail and see how easy it is to send secure emails and attachments.
And what if those phishing emails and other social engineering techniques work, and bad actors and malware start infiltrating your systems? Security Operations teams need to mitigate these threats quickly. ArcSight ESM has a Coronavirus-related Malicious Monitoring package specifically looking for COVID-19-related malware. Another tool to help orgs keep the bad guys out is ArcSight Intelligence. It leverages machine learning and behavioral analytics, and helps small SOC teams quickly and efficiently fight complex threats.
Week of October 18 (Week 3): Explore. Experience. Share. (Cybersecurity Career Awareness Week)
There is a cybersecurity workforce shortage. Roughly 87% of organizations are experiencing a shortfall of skilled IT security personnel, and the cybersecurity skills shortage is getting worse. And if that wasn’t bad enough news, a recent report points out that today's 'homogenous' US cybersecurity workforce needs to diversify. What can be done?
A robust security operations center (SOC) should be adept at preventing, detecting, analyzing, and responding to cybersecurity incidents. ArcSight makes the task of security operations easier, even with fewer staff, with the addition of SOAR to its portfolio. ArcSight SOAR brings native Security Orchestration, Automation and Response capabilities for faster response times and enhanced efficiency. It’s available free of charge to ArcSight ESM or ArcSight Recon customers. It’s fully adaptable to help security teams improve their efficiency by automating repetitive tasks, governing incident data and filling employee skills gaps.
Week of October 25 (Week 4): Cybersecurity First
Although CSAM can be consumer focused, businesses need to reassess their cybersecurity practices. Orgs need more than a traditional cybersecurity solution. They need cyber resilient solutions that are smarter, more intuitive and leverage the power of machine learning to protect their business and solve more complex hybrid use cases. Cyber resiliency is more than just protecting data and finding threats. It's a way to accelerate resiliency across your teams and organizations so you can better navigate and respond to the ever-changing threat landscape.
In an ever-changing world with an evolving cybersecurity landscape, for this Cybersecurity Awareness Month (and the other 11 months too), enterprises need to quickly adapt and create a cyber resilient environment.
Get Involved for Cybersecurity Awareness Month:
There are many ways that individuals can get involved during Cybersecurity Awareness Month, including:
- Follow the CyberRes Twitter handle and the CyberRes LinkedIn page
- Use #BeCyberSmart and #CyberSecurityAwarenessMonth in all your social media messages during the month of October
- Learn how to Stay Safe Online with Online Safety Basics from the National Cybersecurity Alliance
- Organizations can check out how to secure their businesses
Happy October, and although you can’t avoid pumpkin spice flavored drinks (or taxes on that cup of coffee), I hope your org follows good cybersecurity best practices and avoids a cyber-attack or data breach.