Roundup of the initiatives we spotted during Cybersecurity Awareness Month.
Cybersecurity Awareness Month 2023 Events and Initiatives
With cybersecurity awareness month just about over, it’s worth asking: What did we learn?
If you’re an MSP (Managed Service Provider) or integrator, you probably walked away with a head full of ideas. But don’t worry if you missed out either! These events and initiatives produced plenty of learning resources to inform your next steps.
NCA Kickoff Webinar
The National Cybersecurity Alliance (NCA) hosted a special expert panel on the past 20 years of Cybersecurity Awareness Month. But you don’t have to be a history buff to benefit from watching these CEOs, congresspeople, senators, and security experts talk.
The webinar put a lot of things into context. Since cybersecurity is ongoing, you should look at where we’ve been and what comes next.
NIST Blog Series
The National Institute of Standards and Technology (NIST) published a four-part blog series. Because the posts covered the individual topics for this month, they’re great reading for those seeking a high-level overview of:
- Multifactor authentication
- Strong passwords and password managers
- Software updates
- Phishing recognition, reporting, and response
The Third NIST Workshop on Block Cipher Modes of Operation
In early October, NIST hosted a workshop geared toward encryption safety. This event addressed limitations in NIST-approved block cipher modes of operation.
The workshop followed two earlier sessions related to the Advanced Encryption Standard (AES). It covered several potential enhancements, making it a nice glimpse at future encryption standards. If you want to get technical about something we use daily, you should download some of the many presentation PDFs.
NCA Annual Cybersecurity Attitudes and Behaviors Report 2023
Once again, the National Cybersecurity Alliance (NCA) published its yearly report on security behaviors.
This report explored the role of the public in cyber safety. It also discussed what better online security habits might look like. Considering that the overwhelming majority of exploits have human factors, these insights are critical to staying safe.
The NCA’s @StaySafeOnline account hosted a virtual #CyberChat on Twitter/X. This discussion focused on general cybersecurity awareness, providing information and tools for online safety.
This chat highlighted key messages for 2023, making it a good intro for newcomers who want to explore the four focus topics further. Participants also shared practical steps for personal, family, and workplace security.
CISA Cybersecurity Awareness Month 2023 Partner Toolkit
As it does most years, the Cybersecurity & Infrastructure Security Agency (CISA) published a massive trove of resources.
This PDF dump contains actionable guides, infographics, animated videos, and templates. In other words, it’s useful for learning and promoting real change within your organization.
If you skipped Cybersecurity Awareness Month or fell short on training, this is an excellent place to get back on track.
HHS and CISA Healthcare and Public Health Toolkit
CISA teamed up with the Department of Health and Human Services to create a unique toolkit on healthcare and public health cybersecurity.
This training package specifically targets health sector enterprises that face ongoing cybersecurity challenges.
In addition to covering the fundamentals of digital safety, the toolkit addresses concerns unique to healthcare providers – and the MSPs that serve them. It goes into typical risks and shares a variety of partner resources. For instance, you can sign up for weekly HHS advisory bulletins and real-time intelligence sharing.
NSA and CISA Top 10 Misconfiguration Advisory
With the help of the NSA, CISA published an advisory highlighting a big problem. The report covered the top ten most common cybersecurity configuration errors in large organizations. It also drove the point home by explaining how bad actors could exploit these weaknesses.
This wasn’t an official event, but the advisory is essential reading nonetheless. Many infrastructure security faults are hard to detect without an outsider’s perspective, so this report might be just what you need.
IBM Cybersecurity Awareness Month Executive Panel
IBM held an open-floor event featuring cybersecurity insights from its leadership team. Participants got to bring their questions to the experts for this one, making things a bit more interesting.
Big topics included the longevity of ransomware, how much security you need to boost your ransomware prevention, and the realities of work-from-home safety. The forum also addressed concerns related to multi-cloud security and creating efficient incident response playbooks.
Stay Cybersecure No Matter What Month It Is
MSPs must provide safe services. However, this responsibility doesn’t end just because October has come and gone.
Effective cybersecurity is about ongoing cultural changes. Good ideas take time to sink in – so keep up the effort. Use these resources to implement periodic training and cultivate better habits year-round.
Want to start today? Begin by knowing what’s happening on your networks. Then, build a management system that centralizes control and makes it easier to enforce best practices.