Why We Need National Cyber Security Awareness Month

October 11th, 2016   /     /   security and compliance

The list of commemorative months is surprisingly long; who knew December was National Fruit Cake Month? (Answer: everyone who dreads receiving them during the holidays.) Some have been around for a long time, commemorating or celebrating groups or historical events, while others have not been around that long, and are launched to raise awareness of topical, important issues.

In a post-Snowden, post-Heartbleed, post-[insert major company breach here] era, it is easy to declare cybersecurity as one of the more important issues impacting most global citizens. Around the world, Internet access is fast becoming a monthly utility bill instead of a luxury item, and this means that a large portion of the world’s population is not only reaping the benefits, but also dealing with the risks of a highly interconnected environment.

This extends to the workplace even more so than your home. Chances are your employer is not only using the Internet as part of its business model, but more than likely that your job has some online element to it. Therefore, arming your employees with the right level of cybersecurity awareness, knowledge they can use in the workplace, and also at home, is crucial to your company’s and your employees’ success in today’s world.

National Cybersecurity Awareness Month is a perfect time to launch, refresh, or revisit your security awareness initiatives. Many organizations like the SANS Institute, the National Cyber Security Alliance, and even the FBI, offer lots of great resources to help organizations and individuals get up to speed on common threats that you have either encountered or will encounter in the future.

It’s important to note though, that content is just one piece of the equation, the other is how it’s delivered. Providing context on how these threats impact your end users not only at work, but more importantly at home, will resonate more than your typical security awareness training, which tends to be focused on business risks. Of course it’s important to consider your audience and your available resources as well, and determine what the best delivery mechanism is. This can take the form of emails, posters, in-person talks, or any other medium that works for your company.

At the end of the day, what matters most is that you deliver the message; that you empower employees to safeguard their online activities at work and at home, and the proverbial tide will rise all our (online) boats.

So get out there, raise awareness, and secure your employees, and in turn, your organization as well.

About the Author

Alvaro Hoyos leads OneLogin’s risk management, security, and compliance efforts. He also works with prospects, customers and vendors to help them understand OneLogin’s security, confidentiality, availability, and privacy posture and how it works alongside, or in support of, customer’s own risk management model. Alvaro has over 15 years in the IT sector and prior to joining OneLogin, helped startups, SMBs, and Fortune 500 companies with their security and data privacy compliance efforts. His commentary and articles have been featured in several publications, including CIO, CSO, Network World, Infosecurity, eWeek, and Help Net Security. Alvaro is a member of the Forbes Technology Council and has a B.B.A in M.I.S. and a M.S. in M.I.S. from Florida International University.

View all posts by Alvaro Hoyos