October is Cybersecurity Awareness Month 2023, and, as always, it’s a great time to take a look at your organization’s cyber practices.
Cybersecurity Awareness Month was launched by the National Cybersecurity Alliance (NCA) and the U.S. Department of Homeland Security (DHS) in October 2004 as a broad effort to help all Americans stay safer and more secure online, so it’s in its 20th year! It’s now co-led by the NCA and the Cybersecurity and Infrastructure Agency (CISA), which was established within DHS in 2018.
The NCA theme for Cybersecurity Awareness Month 2023 is “Secure Our World”, which “calls all Americans to action to adopt ongoing cybersecurity habits and improved online safety behaviors.” Again, this year, they are focusing on “four simple steps we can take to stay safe online at home, work and school”, which are:
- Use Strong Passwords
- Turn On MFA (Multi-Factor Authentication)
- Recognize & Report Phishing
- Update Software
The recent MOVEit Transfer Zero-Day vulnerability illustrates the importance of that last step, not just for you and your company, but also your third-party providers. Hackers are getting more sophisticated at finding and quickly exploiting vulnerabilities in software, so your organization has to be looking out for those same vulnerabilities and address them immediately before the hackers can find them.
CISA and the NCA have partnered to create resources and messaging for organizations (which you can download here) to use when they talk with their employees, customers and memberships about staying safe online. Available resources include:
- A PDF guide to Cybersecurity Awareness Month
- A sample email to promote Cybersecurity Awareness Month to your employees
- A sample press release to announce your participation in the 20th Cybersecurity Awareness Month
- Sample social media posts and graphics (including the one above). Don’t forget to use #CybersecurityAwarenessMonth and/or #SecureOurWorld in all your Cybersecurity Awareness Month related posts!
- A branded video background you can use during conference calls
- A branded email signature graphic
- An infographic to educate you and your community on the 4 simple steps to stay safe online
- A 101 presentation you can use to educate your colleagues, employees, and customers about Cybersecurity Awareness Month
- A branded PPT template you can use to create your own presentations
I’ll have more posts about cybersecurity trends and best practices throughout the month of October in recognition of Cybersecurity Awareness Month 2023. Even though eDiscovery Today is considered an eDiscovery blog, we have published 399 posts related to cybersecurity in less than 3 1/2 years (including this one). Cybersecurity, data privacy, information governance, artificial intelligence and eDiscovery are all intertwined these days.
So, what do you think? How would you gauge your organization’s cybersecurity awareness? Please share any comments you might have or if you’d like to know more about a particular topic.
Disclaimer: The views represented herein are exclusively the views of the authors and speakers themselves, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.