Cybersecurity Awareness Month: Top links to make it last all year
Take a closer look at some of the resources our experts use every day to stay safer online
While Cybersecurity Awareness Month has just drawn to close, the need to protect ourselves, our organizations, and our stakeholders online doesn’t disappear.
Even though it should go without saying that cybersecurity is all-day, everyday, all-year, permanent discipline, we’ll say it, anyway. The theme this year – “Do Your Part. #BeCyberSmart” – gives us all an ideal opportunity to review our own processes and ask ourselves if we’re doing enough.
Joseph Karpenko, Cybersecurity Advisory Lead with Stratascale, said there’s no time like now to raise our cybersecurity game.
“With Cybersecurity Awareness Month 2021 coming to an end, it is important to be aware and to be vigilant,” he said. “The goal of this month is to empower, inform, and educate people and organizations on how to be safer and stay more secure online. Taking a risk-based cybersecurity-first approach to protecting ourselves and those around us, improves our personal, professional, and community cyber hygiene and resiliency.”
With his advice in mind, keep this list handy as you focus on refining cybersecurity culture within your own organization:
The Cybersecurity & Infrastructure Security Agency
CISA launched Cybersecurity Awareness Month in partnership with the Department of Homeland Security (DHS) in 2004. The agency holds primary responsibility for enhancing the security, resiliency, and reliability of American cybersecurity and communications infrastructure, and has published a number of resources for Cybersecurity Awareness month, including a partner toolkit, and tip sheets.
CISA’s year-round resources library includes a Cybersecurity Hub, a Cyber Essentials Guide, and resources on misinformation, disinformation, and malinformation (MDM).
The Department of Homeland Security
The DHS has published a comprehensive website, #BeCyberSmart, designed to reinforce critical end-user cybersecurity best practices such as Multi-Factor Authentication (MFA), Wi-Fi safety, app-based security, and oversharing and geotagging
Center for Development of Security Excellence
The U.S. Department of Defense CDSE has consolidated a number of resources, including instructor-led courses, case studies, toolkits, and webinars, on this page.
The NIST Cybersecurity Framework
The National Institute of Standards and Technology Cybersecurity Framework consists of standards, guidelines and best practices to manage cybersecurity risk.
The National Cybersecurity Alliance
The National Cyber Security Alliance (NCSA) is a not-for-profit organization that builds public/private partnerships to create and implement education and awareness programs in businesses, schools, and at home. Its Stay Safe Online hub has become a central resource for organizations looking to encourage and sustain a security-first culture.
The Global Cyber Alliance
As part of its mission to make the internet a safer place by reducing cyber risk, this nonprofit has packed its website with free tools for organizations and individuals, including toolkits specialized for specific audiences such as small businesses, financial institutions, journalists, and others.
Have I Been Pwned?
This popular site, created by Microsoft employee Troy Hunt, is a free resource that allows visitors to easily determine if a data breach has compromised – or pwned – any of their online accounts. Use it for personal as well as corporate accounts, and do so regularly.
2021 SANS Security Awareness Report
The SANS Institute offers information security training and security certifications for over 165,000 security professionals, with comprehensive content designed to help organizations protect their networks against threats.
The 2021 SANS Security Awareness Report™: Managing Human Cyber Risk is brimming with actionable data to help benchmark and improve your organization’s security posture, and is available for free on the SANS website.
KnowBe4 Cybersecurity Month Awareness Kit
KnowBe4 offers complimentary training resources to help users protect themselves against cybercrime. The KnowBe4 Cybersecurity Month Awareness Kit includes two free training modules on internet security and social engineering, cybersecurity demo videos, infographics, and tip sheets.
Okta ebook – Security Built to Work Outside the Perimeter
Okta’s eBook, Security Built to Work Outside the Perimeter, showcases the pros and cons of 2-Factor Authentication (2FA), Multi-Factor Authentication (MFA), and Adaptive Multi-Factor Authentication (AMFA). With more employees than ever choosing hybrid or remote work, it’s time to ensure your data is locked down no matter how often your users visit the office.
Amazon Security Awareness Training:
The ecommerce giant, which originally developed a broad range of security training resources for its employees, has just announced it will make them available to individuals and organizations, as well. Check them out on the Amazon Security Initiatives page.
SANS Institute #SecureTheFamily Deployment Playbook
As hybrid work styles break down traditional barriers between office and home, SANS has released the #SecureTheFamily Deployment Playbook to help employees leverage cybersecurity learnings from the office within their home-based networks.
Krebs on Security
This in-depth security news and investigation blog is run by renowned cybersecurity expert Brian Krebs, and can also be accessed via RSS.
The Hacker News
This trusted site serves up headlines, tips, and best practices on all things cybersecurity.
Google Security Blog
This resource from the web services giant provides the latest insights on cybersecurity from Google’s own experts as well as from its partners.
This list is just the start. SHI’s Corporate Security Director Philip Armbrust says organizations must look beyond the technology as they work on better cybersecurity preparedness in the year ahead.
“The majority of security breaches are caused by human error,” he said. “Organizations with a strong security awareness culture are leaders in protecting their business from attackers.”
As cybersecurity is a never-ending need, reach out to our security specialists if you’d like to discuss your own plans.