Skip to content

Why Should You Participate in the Cybersecurity Awareness Month

Reading time: 8min33

For some time now, the cybersecurity aspect has not been restricted to the environment of large organizations. Malicious attackers have been targeting their criminal activities on companies and individuals every day, greatly increasing cyber risks. In this case, the main motivations of these agents are to improperly steal personal and sensitive data, modify settings on devices, and gain unauthorized access through privileged credentials. And with cyber risks increasingly associated with business risks, the consequences of phishing or ransomware attacks can be disastrous for any company.

For these reasons, since 2003, October has been established as the month of cybersecurity awareness in places like Europe and North America. This initiative was conceived through a partnership between governments and the private sector, to increase the level of awareness regarding digital security and empower individuals and organizations to protect their data from the action of digital criminals. And when it comes to cybersecurity, small actions can make a huge difference in ensuring digital sovereignty over data.

According to Verizon’s 2022 Data Breach Investigations Report, 82% of cyberattacks involved the human aspect. This is because it is useless for organizations to increase their cybersecurity budgets and invest in state-of-the-art cybersecurity solutions without addressing the weakest link in the chain: people. Yes, cybersecurity may seem like a complex issue, but at the end of the day, it is all about people.

Precisely for this reason, the Cybersecurity and Infrastructure Security Agency (CISA) in the United States has elected the theme “See Yourself in Cyber” for the cybersecurity awareness month campaign in 2022. This year, the American campaign focuses on four user behaviors that can make a big difference between being a victim of a cyberattack and not.

They are as follows:

Enable Multi-Factor Authentication (MFA)

MFA adds a layer of security to the user authentication process, and is one of the simplest methods of increasing the level of cybersecurity. For this, the user is required to combine two or more forms of identity verification. This can be through something the user knows (a password), something associated with who they are (such as biometrics), or something they have (such as an access token);

Use Strong Passwords and a Password Manager

Using a strong password makes it very difficult for malicious agents to guess the password or carry out brute-force attacks. However, it is worth remembering that, if the user uses the same strong password in several services, they may still be the victim of an attack called credential stuffing. In this type of attack, an attacker uses a leaked password from one service to perform an attack attempt on another service the user has access to. Therefore, to further increase the level of security, it is recommended that users use password generation and management solutions, including Privileged Access Management (PAM) tools.

Upgrade Software

Malicious agents try to exploit vulnerabilities in device operating systems such as computers, tablets, and smartphones every day. This is not surprising, considering that these devices store a huge amount of information from people and organizations, such as their online habits as well as personal and financial data. Thus, enabling automatic updating mechanisms to keep your devices’ software up-to-date is an effective way to protect yourself against financial, data, and credential theft.

Recognize and Report Phishing.

Who does not know someone who has been the victim of a phishing attack? In this type of cyberattack, attackers use emails, social media posts, or messages to trick the user into clicking a link or downloading a malicious file. When this occurs, the user may allow the attacker to steal the data stored on the devices or even encrypt data, preventing access by the victim until a ransom amount is paid. In this case, it is important not to click on any link (including an unsubscribe button) or open attachments until the veracity of the message can be verified. If a phishing attempt is detected, the user must delete the message immediately and report the attempt to the respective provider.

In Europe, the European Union Agency for Cybersecurity (ENISA) is organizing the tenth edition of the cybersecurity awareness month together with the European Commission and member states. In 2022, the themes of the campaign in the European Union are phishing and ransomware, subjects in common with the American campaign.

Moreover, through the campaign’s official website (https://cybersecuritymonth.eu/), one can have access to a series of materials and resources that address the topic of cybersecurity. These resources include blog articles and rich content, as well as tests to verify user knowledge of cybersecurity, and a help session with frequently asked questions about the subject.

Here at senhasegura, it is no different: throughout October, we will offer exclusive content on the subject of cyber awareness. This content includes tips on how to create an efficient cybersecurity awareness campaign, as well as topics that should be present in these campaigns. In addition, we have content presenting what solutions should be implemented in companies to increase the level of cybersecurity and a webinar describing what Information Security leaders should do if they are victims of a cyberattack.

Download the guide

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Senhasegura
Senhasegura strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

×

Hello!

Click one of our contacts below to chat on WhatsApp

×