This October is Cyber Security Awareness Month, an event designed to educate people about information security and the steps they can take to stay safe online.
Now in its nineteenth year, the campaign provides tools and resources to help people learn more about the cyber security industry and the ways they can get involved.
This yearâs event focuses on phishing and ransomware â two of the biggest threats that organisations currently face.
According to Proofpointâs 2022 State of the Phish Report, 83% of organisations fell victim to a phishing attack last year. Meanwhile, Verizonâs 2021 Data Breach Investigations Report found that 25% of all data breaches involve phishing.
The attack method is often used to deliver ransomware, which itself is responsible for significant damage. Our research discovered more than 100 publicly disclosed ransomware attacks in the first half of 2022, with intrusions shuttering businesses and creating huge financial problems.
Getting involved
There are events being held throughout October as part of National Cyber Security Awareness Month. Both national governments and private organisations have supported the campaign and are running programmes online and in person.
You can find a full list of events on Stay Safe Online, where you can also find information security tips.
The theme of this yearâs campaign is âSee Yourself in Cyberâ, and individuals are encouraged to get involved online with the hashtag #BeCyberSmart.
A key component of that is protecting yourself from scams. The campaign reminds people that: âThe signs can be subtle, but once you recognize a phishing attempt you can avoid falling for it.
âBefore clicking any links or downloading attachments, take a few seconds (like literally 4 seconds) and ensure the email looks legit.â
The campaign also highlights the benefits of multi-factor authentication, strong passwords and regularly updating software.
How IT Governance can help
You can also follow the latest developments with Cyber Security Awareness Month by following us on LinkedIn. Weâll will provide the latest updates on the campaign to help you get involved in events near you.
Plus, our experts will provide quick and simple tips to boost your cyber security awareness. Did you know, for example, that one of the most effective ways to boost your defences is also one of the simplest â ensuring that your accounts are protected by strong, unique passwords.
This applies not only to login credentials but also to databases and other sensitive information that you store online. The InterContinental Hotel Group was recently caught out by a cyber attack, after criminal hackers discovered a database protected by the password âQwerty1234â.
The breach enabled the attackers to access the most sensitive parts of the hotel giantâs computer systems, and ultimately led to a phishing attack in which an employee was duped into downloading malware that destroyed huge volumes of sensitive data.
Another top tip for preventing cyber attacks is to test your employees with Phishing Challenge E-learning Game. These are messages that use the same techniques as genuine scams without the malicious payload.
The attacks give you the opportunity to monitor how your employees respond to a bogus email. Do they click a link right away? Do they recognise that itâs a scam and delete it? Do they contact the IT team to alert them of the threat?
Simulated phishing is an essential technique in an organisationâs cyber security practices. It complements traditional staff awareness training to assess the effectiveness of your programme in a real-world scenario.
