October is a BIG month for cyber security awareness and presents a great opportunity for organisations to promote cyber security awareness and #becyberwise.
Cyber attacks are still on the rise and your employees and vendors are more susceptible than ever to attacks like phishing and social engineering. Cybercriminals are constantly developing more sophisticated and targeted tactics to exploit both people and vulnerabilities.
According to the ACSC, one cybercrime is reported every 7 minutes.
In Australia, October is Cyber Security Awareness Month and it’s an annual reminder for all Australian’s to stay secure online. The Australian Cyber Security Centre (ACSC) leads the Australian Government’s efforts to improve cyber security.
The theme for 2023 is ‘Be cyber wise – don’t compromise’. There are 4 simple steps you can take to be cyber wise and significantly boost your cyber security:
- Update your devices regularly
- Turn on multi-factor authentication
- Back up your important files
- Use passphrases and password managers
Meanwhile, in the United States, October is also Cyber Security Awareness Month. The event runs all month and aims to raise awareness about the importance of cybersecurity. 2023 marks 20 Years of Cybersecurity Awareness Month. Cybersecurity Awareness Month 2023 will focus on four key behaviours all month long:
- Use strong passwords and a password manager
- Turn on multifactor authentication
- Recognize and report phishing
- Update software
10 Ways to Promote Cyber Security Awareness
Don’t miss this opportunity to reinforce the importance of cyber security within your organisation. What will you do to raise awareness and encourage people to #BeCyberWise?
Here is our list of 10 things you can do during Cyber Security Awareness Month:
- Plan ahead. Work with your Human Resources, Risk Management and Communication teams in a rollout plan to engage and reach as many employees as possible.
- Set the ‘tone from the top’ by creating a culture of cyber security awareness. The entire C-suite needs to understand and embrace cybersecurity efforts. Cyber security habits are best learned through management taking the lead.
- Review or audit your cyber security touchpoints. Is cyber security awareness part of onboarding? How often does your organisation communicate about cyber security? Which vendors pose the highest cyber risk for your organisation?
- During the pandemic, many employees may still be working from home. Conduct on-line cyber security awareness training sessions. Awareness training should reinforce that it is everyone’s role to #BeCyberWise and stress the importance of cyber security at work and at home.
- Run a simulated phishing campaign to evaluate employee behaviour on receipt of a socially engineered phishing email, analyse results and provide a report of the results to all staff.
- Review and update key elements of your IT-Disaster Recovery Plan or Data Breach Incident Response Plan.
- With cyber attacks and third party data breaches on the rise, conduct a Crisis Management Team simulation exercise covering one of these risks.
- Provide management a high level presentation covering the concept of operation of the Data Breach Incident Response Plan.
- Run on-line games and quizzes such as crosswords and find a word with cybersecurity words as the central theme.
- Reward good behaviour and people who embrace cyber security. Rewards don’t have to be expensive – small gift vouchers are often enough and always appreciated.
Want to Strengthen Cyber Resilience?
InConsult is an ACSC partner and we strongly encourage all organisations to get involved in Cyber Security Awareness Month. Contact us if you would like help in planning or conducting cyber awareness training or email phishing campaigns.
Remember that whatever you do, it’s all about keeping cyber security front of mind! Check out InConsult’s Cyber Risk Management capabilities to find out how we can help you build a more resilient organisation. Our cyber risk management services include:
- Gap Analysis of your Cyber Security and Resilience
- Cyber Risk Governance Framework Review
- Cyber Risk Governance Framework Development
- Third-Party Vendor Review and Cyber Risk Analysis
- Cyber Risk Awareness Training and Internal Campaigns
- Email Phishing Campaigns
- Cyber Incident Response
- Post-Cyber Incident Review
- Crisis Team Familiarisation Training
Be more resilient to a wide range of cyber risks and contact us to discuss how we can help strengthen your cyber security posture.
#staysecureonline #becyberwise #CyberSecurityAwarenessMonth2023