Counties can lead during October's Cybersecurity Awareness Month

Key Takeaways

So much has changed in the 20 years since October was first named Cybersecurity Awareness Month, from the onslaught of social media and the invention of the cell phone to the proliferation of internet connected devices such as cameras, baby monitors and digital assistants.

No wonder that our society is faced with a barrage of cyber threats every day.

Do more

Sign up to become a Cybersecurity Awareness Month Champion. Visit CISA’s campaign partner, National Cybersecurity Alliance, to sign up for their campaign updates, newsletter, and more!

Consequently, the importance of cyber defenses has become even more critical for both work and personal lives. In recent years, the Cybersecurity and Infrastructure Security Agency (CISA)has partnered with the National Cybersecurity Alliance, offering more resources, toolkits and guidance to help build a strong cybersecurity education campaign for your employees and other stakeholders.

For this year the focus is on four key behaviors. These themes sound familiar because they have been a focus in years past. And they still are.

• Use strong passwords and a password manager – tips here include longer passwords or phrases that are hard to guess and are unique
• Turn on multifactor authentication (MFA) – MFA provides an extra layer of security by requiring a second method to confirm your identity, such as a pin sent via email or cell phone text
• Recognize and report phishing – while this is becoming more difficult to recognize due to generative AI, still looking for misspellings and don’t respond to requests for personal and/or financial information. Rather report the email to your IT helpdesk or support
• Update software – For your work device, remember those “pesky” notifications are intended to protect you. So don’t delay; click yes to install the software update

Following these themes, counties are encouraged to take action to promote cyber awareness during the month of October. Activities can include:

• Lunch-n-learn sessions based on the weekly theme
• Weekly emails with reminders and practical tips
• Games and prizes for identifying phishing emails or other cyber risky behavior
• Videos with quizzes at the end to test end user knowledge
• Social media posts
• Events partnering with local educational institutions
• Stickers, posters, infographics
• Table-top or simulation exercises

These are just a few ideas, more opportunities for education can be found through these additional resources:

CISA Cyber Hygiene Services - CISA offers several scanning and testing services to help organizations reduce their exposure to threats by taking a proactive approach to identify and notify organizations of occurring or emerging threats.

CISA Cybersecurity Training and Exercises - Training is essential for keeping workers knowledgeable on cybersecurity. These resources provide access to cybersecurity training and workforce development materials to develop a more resilient and capable cyber nation.

NCA Resources and Guides - The National Cybersecurity Alliance provides articles and other resources you need to raise awareness at home, work, school, or throughout your community.

 National Initiative for Cybersecurity Education (NICE) Cybersecurity Career Awareness Week - Join NICE in promoting awareness & exploration of cybersecurity careers by hosting an event, participating in an event near you, or engaging students with cybersecurity content!

In closing, CISA and CSA are taking it one step further by announcing the launch of a new enduring theme called “Secure Our World”. October should not be the only month that cyber tips and best practices are shared; this effort should be year-round and twenty-four/seven! Watch for more guidance and resources throughout the year, not just the weeks leading up to October.