From data breaches affecting multi-million dollar corporations to ransomware targeted at the health-care industry to the real-life repercussions of insulin pump hacking, cybersecurity threats are everywhere. Emphasized by both the current President and both major political party nominees as well as the director of the FBI, it is apparent that cybersecurity is a serious concern for the nation.
Because of these impending threats, it is important for awareness of cybersecurity to be a nationwide occurrence. This October marks the thirteenth year of celebrating National Cyber Security Awareness Month (NCSAM). Created by the National Cyber Security Alliance (NCSA) in collaboration with the Department of Homeland Security’s National Cyber Security Division (NCSD), the observance of this month has grown both in popularity and in importance.
In addition to being the thirteenth year of the month’s observance, it is also the sixth year of the STOP. THINK. CONNECT. campaign. This campaign is a movement to promote simple cyber-awareness for all individuals which they can use every single time they access the Internet. The steps are quite clear:
STOP: make sure security measures are in place. THINK: about the consequences of your actions and behaviors online. CONNECT: and enjoy the Internet.
The STOP. THINK. CONNECT. campaign is the focus for the first week of National Cyber Security Awareness Month, with the subsequent weeks’ topics including harboring a cybersecurity culture in the workplace, recognizing and combating threats, examining the future of tech and IT security, as well as emphasizing the importance of critical infrastructure. While it is important for individuals to be cyber-aware, it is equally if not more important for businesses to know their risks as well.
All Businesses Need Cybersecurity
Different things come to people’s minds when they think about cybersecurity in relation to business. For some, they think of the statistics surrounding small-to-medium-sized businesses such as how 71% of cyber attacks target SMBs. For others, the data breaches of major corporations such as Target and Sony come to mind. In reality, all of these entities have a dire need for cybersecurity. There is no silver bullet when it comes to securing cyber defenses, however, so it is important for companies of all sizes to put in place multiple layers of protection against threats. Some key precautions that need to be implemented regardless of size or industry of a business include:
- Anti-virus Protection—Utilizing an anti-virus software is one of the most basic ways to protect a company’s computers and system. A strong anti-virus software is necessary in order to detect and remove viruses before they harm your system.
- Firewall Implementation—Use of a firewall helps secure your network from cyber attacks by preventing them from accessing your system in the first place. Though there are both software and hardware options when it comes to firewalls, for businesses, it is recommended that hardware firewalls, especially Next-Generation Firewalls, be used since these protect whole systems compared to their software cousins that only protect the individual computer on which they are installed.
- Network Monitoring—Network monitoring, be it performed internally or provided externally through a cybersecurity partner, is a crucial aspect of cybersecurity defense. This service notifies the network administrator of any oddities such as intrusion detection and overloaded servers, which can help them to fix these issues quickly. Simply setting up cybersecurity will not be enough, these defenses need to be monitored often so that a company knows where its weaknesses lie.
- Employee Education—While employees are often a company’s greatest asset, they can also be its greatest cybersecurity threat. Malicious actors do make up a large portion of the threat, however, a major, fixable component is a lack of employee knowledge. The easiest way to fix this is to have company-wide training on various cyber-threats including phishing, able to trick nearly a third of employees, as well as ransomware threats. These two cybercrimes are the most egregious according to the FBI and are increasingly becoming their focus in the fight against cybercriminals, so it is especially important to educate employees in these areas. By educating employees, a company can both strengthen their cybersecurity defenses, as well as empower their employees to be more accountable for their behavior online.
Our Shared Responsibility
The major theme with National Cyber Security Awareness Month is the idea of a collective accountability when it comes to cybersecurity defenses. We are all connected through the Internet, and because of this, the NCSA emphasizes that it is our shared responsibility to protect this shared resource. This sentiment cannot be better summarized than by the following quote,
No individual, business or government entity is solely responsible for securing the Internet. Everyone has a role in securing their part of cyberspace, including the devices and networks they use. Individual actions have a collective impact and when we use the Internet safely, we make it more secure for everyone. If each of us does our part—implementing stronger security practices, raising community awareness, educating young people or training employees—together we will be a digital society safer and more resistant from attacks and more resilient if an attack occurs.
If you would like to find out more about National Cyber Security Awareness Month, please visit https://staysafeonline.org/ncsam/ to learn more about how you can get involved. If you would like to enhance your own cybersecurity defenses, regardless of the size of your company, please contact Axiom Cyber Solutions to see how our managed cyber solutions can help you get and stay secure.
Hailey R. Carlson | Axiom Cyber Solutions | 10/07/2016