As the leaves change color and temperatures drop, October brings more than just pumpkin spice lattes and Halloween festivities. It's also been designated as Cybersecurity Awareness Month. This annual observance has been celebrated for nearly two decades, serving as a reminder of the ever-increasing importance of protecting our digital lives.
Cybersecurity Awareness Month was officially launched in the United States in 2004 as a collaborative effort between the National Cybersecurity Alliance (NCA) and the Department of Homeland Security (DHS), more specifically, the Cybersecurity & Infrastructure Security Agency (CISA). Since its inception, it has grown into a global campaign, with many countries now recognizing and participating in this important initiative.
Let’s take a look at how a few parts of the world are handling the occasion.
In the US, CISA continues to lead the way in promoting cybersecurity awareness during October. They collaborate with various government agencies, private sector organizations, and individuals to raise awareness and provide resources for better cybersecurity practices.
The theme for the US this year, is "secure our world", promoting behavioral change across the Nation, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on the following four critical actions:
- Use strong passwords.
- Turn on multifactor authentication.
- Recognize and report phishing.
- Update software.
CISA has also provided a toolkit for everyone to reference, which can be downloaded from its website.
To underscore how important cybersecurity is to the nation, in addition to CISA and NCA, the Whitehouse, National Institute of Standards and Technology (NIST), and the Center for Internet Security (CIS) have all either made statements or launched dedicated pages on their sites to mark the occasion.
Canada has also embraced Cybersecurity Awareness Month, with the Canadian Centre for Cyber Security (CCCS) leading the charge. They focus on educating Canadians about cyber threats, promoting safe online behavior, and providing resources for businesses and individuals to enhance their cybersecurity posture.
This year, Canada’s theme is, “step up your cyber fitness”, which is “all about stretching your cyber security muscles and taking things one step at a time!” Their website stresses that “cyber security is a shared responsibility” and encourage everyone to “join us and other organizations across Canada in promoting cyber security by participating in Cyber Month.”
Australia recognizes October as Cybersecurity Awareness Month, with various government agencies, including the Australian Cyber Security Centre (ACSC), participating.
The theme for the ACSC this year is “be cyber wise – don’t compromise”, which encourages citizens to take 4 simple steps to be more cyber wise:
- Update your devices regularly.
- Turn-on multi-factor authentication.
- Backup your important files.
- Use passphrases and password managers.
This is almost identical to CISA’s tips, except instead of a tip that targets phishing, the ACSC has gone for backing important files up.
The European Union Agency for Cybersecurity (ENISA) leads European Cybersecurity Month (ECSM). ECSM is a collaborative effort between EU Member States, the European Commission, and various partners to raise awareness about online security and provide practical tips for staying safe online.
This year, ECSM’s theme is “be smarter than a hacker”. ECSM’s website states that the theme refers to “knowledge and tools we need to protect ourselves from cybercriminals.” ENISA plans to focus on social engineering. They intend to cover everything from “phishing emails to impersonation scams,” and promise to “decode the tactics that hackers use and empower all to recognize and thwart their efforts.”
In the UK, Cybersecurity Awareness Month is typically promoted by the National Cyber Security Centre (NCSC). Curiously, they seem to be very muted this year. The UK’s National Health Service (NHS) seems to be the only government entity that has published any efforts in support of the occasion.
Singapore supports the occasion in a much more operational fashion. They typically let Singapore International Cyber Week (SICW), speak for the country during October in terms of cybersecurity.
Side note: I will be speaking at GovWare this year.
Cybersecurity Awareness Month serves as a valuable reminder of the critical role cybersecurity plays in our increasingly digital lives. Governments around the world are signalling more loudly than ever before that cyber risk is a significant and tangible threat to our way of life. By participating in this annual observance and taking cybersecurity seriously, we can collectively create a safer and more secure digital environment for all.