Anushika Babu V
October 5, 2022

Why is October selected as cybersecurity awareness month each year?

Table of Contents:

  1. Why is October selected as cybersecurity awareness month?
  2. The theme for October 2022
  • Enabling multi-factor authentication (MFA)
  • Using strong passwords and a password manager
  • Updating software
  • Recognizing and reporting phishing
  1. Emphasis on organizational cybersecurity
  2. What as an organization should you do to implement cybersecurity?
  • Take cybersecurity seriously
  • Train your product team
  • Regularly backup all your data
  • Discard unused services
  • Implement VPN

In a recent study, reported that the typical person uses the Internet for 59 hours weekly. The need for greater cybersecurity awareness is crucial in a time when the Internet is integral to every individual's daily life.

The Department of Homeland Security and the National Cyber Security Alliance first established National Cybersecurity Awareness Month (NCSAM), which is currently in its 18th year. Cybersecurity Awareness Month aims to ensure businesses and individuals are prepared to face the cybersecurity landscape and stay safe online. 

Since its inception, Cybersecurity Awareness Month has grown astronomically, reaching people all over the United States and globally, including consumers, small and medium-sized organizations, corporations, educational institutions, and others. Let's learn more about it!

Why is October selected as cybersecurity awareness month?

National Cybersecurity Awareness Month was established in 2004 through a partnership between the National Cyber Security Alliance and the Cybersecurity and Infrastructure Security Agency (CISA), a division of the US Department of Homeland Security(NCSA). Cybersecurity has become a global necessity, and this month, organizations, governments, and individuals join forces in their commitment to online safety.

Starting in 2009, "Our Shared Responsibility" was chosen as the theme for National Cybersecurity Awareness Month; starting in 2011, a weekly theme was chosen instead. The volume of knowledge that needs to be covered on cybersecurity has inspired the weekly campaigns. 

Every year, fresh trends appear. For instance, ransomware, online data breaches, phishing, and crypto-jacking have become commonplace in the last decade.

According to Online Trust Alliance, over 4 billion individuals used the Internet in 2019 compared to less than 14 million in 1992. Online security flaws exposed more than 5 billion private details in 2018 and 2019.

However, everyone has a role in cybersecurity, which is crucial all year long, not just in October. 

The theme for October 2022

This year's cybersecurity campaign theme is "See Yourself in Cyber.” It shows that although cybersecurity may appear to be a complicated topic, it ultimately comes down to how people respond. 

To ensure that all individuals and organizations make informed decisions now and in the future, whether on the job, at home, or in school, this year’s theme will emphasize the "people" aspect of cybersecurity. 

By developing your own cyber awareness campaigns and disseminating this messaging among your peers, people are encouraged to participate in this year's efforts.

 The overarching theme “See Yourself in Cyber” focuses on four essential actions rather than weekly themes. Additionally, it is built around a risk-based methodology. These actions include:


Enabling multi-factor authentication (MFA)

The main advantage of MFA is that it increases your company's security by forcing users to provide identification other than a login and password. Although crucial, usernames and passwords can be stolen by other parties and are subject to brute force assaults.

Using strong passwords and a password manager

The first line of security against unwanted access to your computer and personal information is provided by passwords. Your computer will be more secure from hackers and bad malware if your password is strong. Strong passwords should be used for every account on your organization's computer.

Updating software

Software update reminders might occasionally stop you if you have one or more proprietary software programs installed on your company PCs. They can be a little bothersome, particularly if they appear when you're focused on something crucial. While it may be tempting to ignore such software updates and carry on, it is not the wisest course of action regarding cybersecurity. 

Recognizing and reporting phishing

One of the deceptive methods of social engineering used by cybercriminals to trick users into divulging sensitive information such as personally identifiable information (PII), financial information, trade secrets, account credentials, etc., is known as a phishing attack.

Phishing attacks are frequently carried out via emails. By seeming to be a dependable and trustworthy source in the email, the attacker psychologically manipulates the users into believing they can trust him with their information and assist him in carrying out the intended operation. Thus, it is essential to recognize and report phishing attacks. 


Emphasis on organizational cybersecurity

New threats surface every hour of every day in today's technological world. Connecting to the Internet increases the likelihood that a hacker may target your company. Cyber danger and cybercrime are major global concerns for businesses and governments. If firms don't have a suitable cybersecurity plan, there are significant financial and reputational consequences.

More than four out of ten (43%) enterprises and two out of ten (19%) charities in the UK experienced a cyberattack, according to the "Cyber Security Breaches Survey 2018." According to the poll, 38% of small businesses had made zero investments in cybersecurity defenses. It’s time to change that. 

What as an organization should you do to implement cybersecurity?

  1. Take cybersecurity seriously

According to research, there is a cyberattack every 39 seconds or so, which is indiscriminate. This simply means that you are vulnerable if you own a device that is connected to the Internet.

Individuals and companies alike have to be seriously concerned about this. After all, we publish a sizable amount of personal information in digital form, and corporations are charged with maintaining the security of our data. A cyber attack will also put your regular business operations in danger, causing disruption and, if successful, income loss.

Therefore, it is crucial to take cybersecurity seriously. 

      2.Train your product team

The most frequent access points for phishers continue to be employees despite firewalls and other security tools. Data breaches cost British businesses an average of £2.9 million per incident. 82% of security breaches involve human error. Comprehensive cybersecurity training stresses best practices and gives enough information to enable staff to discover attack vectors, prevent mistakes that can leave your network vulnerable, and respond to a potential threat.

You may reinforce the weakest link in the chain by equipping personnel with the knowledge and skills necessary to recognize and eradicate cyber risks.

        3.Regularly back up all data 

Despite taking all necessary safeguards, breaches are still possible; thus, it's crucial to block as many attacks as you can. Word processing files, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files are the types of information that the SBA advises backing up. 

Make sure to back up all cloud-stored data as well. If a fire or flood occurs, make sure backups are kept in a different area. Check your backup frequently to ensure it is operating appropriately so you can be sure you have the most recent copy if you ever need it.

         4.Discard unused services

When an employee leaves the organization, or a legacy software has lost all its potential, safely decommission the application, login credentials, and other related services, to prevent unauthorized access.

          5.Implement VPN

Generic security measures are easily breachable. Use virtual private network (VPN) connections between various office locations. It must be made mandatory for work-from-home employees.

 We45 can assist you in creating apps that are secure by default as your dependable partner in product security. You can save time, get things out quicker, and stop worrying about security! Check out our Application Security Services

Data breaches have now become more commonplace, and with advancing technologies, more sophiticated attacks are happening, to combat this problem, companies need well-trained staff who can easily identify a threat in its initial stages. AppSecEngineer provides multiple courses on AppSec and other security measures.