Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Join AT&T Cybersecurity in Chicago to learn top 2024 resilience tactics on May 21st!

Celebrate 20 Years of Cybersecurity Awareness Month and Let’s Secure Our World Together

Home
Industry Insights
Celebrate 20 Years of Cybersecurity Awareness Month and Let’s Secure Our World Together

Blog Article Published: 10/20/2023

Originally published by Microsoft Security.

Written by Vasu Jackal, Corporate Vice President, Security, Compliance, Identity, and Management.

This year marks the twentieth anniversary of Cybersecurity Awareness Month, when we partner with the National Cybersecurity Alliance, the United States Cybersecurity and Infrastructure Security Agency (CISA), and organizations around the world to amplify the importance of cybersecurity best practices and how to be cybersmart. Initially, this moment started as a United States national awareness initiative and has grown to a global moment. Rightfully so, with a worldwide skills gap of 3.4 million cybersecurity workers, and the increasing sophistication of cyberthreats, security professionals are overloaded and often do not have the time to educate their organizations on how to stay secure. Given this, we are delighted to help the present and future generations of cyber defenders with educational tools to stay safe.


Why is cybersecurity awareness and education critical?

To understand the importance of exercising cybersecurity awareness with your entire organization, consider these stats:

  • The average cost of a data breach in 2022 was USD4.35 million.
  • The median time for an attacker to access your private data through a phishing email is 1 hour and 12 minutes.
  • 15 percent of lifestyle apps are malicious.
  • There are 4,000 password attacks per second.

As security awareness is ultimately about managing human risks, companies can go a long way by offering cybersecurity educational and skilling resources. For example, multifactor authentication can prevent 99.9 percent of attacks on accounts and it starts with educating our teams about the importance of multifactor authentication.7

An example of a best practice for cybersecurity awareness is the Campari Group, where the security team adopted a structured approach to educate the rest of the company on cyber defense. Every new employee receives a welcome email that provides practical information and resources about the company’s cybersecurity policies and training so they can help manage threats from the first day on the job, besides hosting a series of monthly security awareness campaigns.

Here are some of the key areas where we are focused on educating users this month—and all year round—that you can explore more by downloading our Be Cybersmart Kit.


Protect your devices

It is vital to protect your internet-connected devices by keeping your software current with the latest security updates. To help keep your devices safe:

  • Set up automatic updates to make the process smoother and decrease the risk from ransomware and malware.
  • Carefully check privacy and security settings to ensure they’re set to your desired level of information-sharing any time you sign up for a new account, download an app, or acquire a new device.


Passwordless is the key

Hackers don’t break in—they sign in. So a good way to protect one of attackers’ most common entry points is by going passwordless with authentication solutions. For when passwords are needed, there are a few steps you can take to be safer:

  • Use your browser’s password generator to create stronger passwords.
  • Length—at least 12 characters—matters more than complexity, and a password manager can help you keep track.


Multifactor authentication is a must-have

Multifactor authentication can protect 99.9 percent of the attacks in your accounts by offering stronger security than relying solely on passwords. Check your devices, apps, and account settings to enable multifactor authentication, such as two-step authentication or biometrics.


Phishing only works if you take the bait

1 hour and 12 minutes is the average time for an attacker to access your private data if you fall victim to a phishing email. Complacency can lead to clicking on a malicious link in an email, phone message, or social post. So, how can we avoid taking the bait?

  • Check the sender’s email address for verifiable contact information and phishing tip-offs such as an unrelated sender address. If in doubt for any reason, do not reply.
  • Don’t click on links or open email attachments unless you have verified the sender.


Security is important for every customer size

While following security best practices goes a long way toward keeping your employees, customers, and data safe, we know this effort takes a village and should permeate organizations of all sizes. Small and medium businesses face an even more challenging landscape—increasing cyberthreats, along with a lack of sophisticated security solutions and limited security staff, making them particularly vulnerable. In 2021 for example, 82 percent of ransomware attacks targeted small businesses, with the total cost of these cybercrimes reaching USD2.4 billion.

You can find many more best practices and educational resources for organizations of all sizes in our cybersecurity awareness website, including infographics to share with your organization on how to be cybersmart regarding phishing, scams, passwords, and devices.


Celebrate cybersecurity awareness all year round

Cybersecurity Awareness Month holds special significance globally as it brings together industry, academia, and government with a united mission to keep our users safe. However, as I have said before, it is vital that we implement cybersecurity awareness and education all year round.

Cybersecurity Awareness Month is more than an opportunity to refresh your cybersecurity savvy and learn new security skills. It’s a reminder of how collectively we can achieve more and make the world a safer place. Explore our Cybersecurity Awareness Month resources, including learning paths, certification opportunities, and the latest threat intelligence insights and cybersecurity innovations. Happy Cybersecurity Awareness Month!

Enhancing cloud security strategyInnovating from the cloud Threat Intelligence

Share this content on your favorite social network today!

Core Cloud
Related Resources
Top Threats to Cloud Computing
The eleven salient threats, risks, and vulnerabilities in the cloud.
Certificate of Cloud Security Knowledge (CCSK)
The industry's standard cloud security credential.
Corporate Membership
Gain knowledge and connections in the cloud industry.
Latest from CSA
Virtual Cloud Trust Summit 2024
AT&T Cybersecurity in Seattle
CSA's STAR: The Key to Cloud Security & Compliance
Trending This Week
#1 The 5 SOC 2 Trust Services Criteria Explained
#2 What You Need to Know About the Daixin Team Ransomware Group
#3 Mitigating Security Risks in Retrieval Augmented Generation (RAG) LLM Applications
#4 Cybersecurity 101: 10 Types of Cyber Attacks to Know
#5 Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Level up with Cloud Infrastructure Security Training
Related Articles:
Why Business Risk Should be Your Guiding North Star for Remediation

Published: 04/25/2024

How to Prepare Your Workforce to Secure Your Cloud Infrastructure with Zero Trust

Published: 04/24/2024

Neutralizing the Threat with Cloud Remediation

Published: 04/23/2024

Breach Debrief: The Fake Slackbot

Published: 04/22/2024