Originally launched in the US in 2003 as National Cyber Security Awareness Month, every October is now marked in several countries around the world including the United Kingdom and the EU as an annual event to increase the awareness of businesses, charities and the public sector of the threat that cyber attacks present.
Cyber Security Awareness Month tentatively acronymed as CAWtober by this site (referencing the way crows and ravens warn their peers of any imminent danger) has never been more pertinent than this year, when unabating news of soaring scams and ransomware attacks taking advantage of staff working remotely and the opportunities the vaccination effort offered for phishing, has also been borne out by the Cyber Security Breaches Survey 2021.
An unsettling 39 per cent of businesses participating in the survey reported having cyber security breaches or attacks in the last 12 months up to March this year, which increased to 65 and 64 per cent among medium and large businesses, respectively – the most common attacks being phishing and impersonation. The extensive use of social engineering as a gateway to other, more serious types of cybercrime with an estimated 98 per cent of attacks relying on the technique shows how instrumental raising employees’ and individuals’ awareness of the scams they are most likely to fall prey to can be to making a business less exposed to cyber risk.
Cyber Security Awareness Month offers plenty of opportunities to promote good practice among staff and provide them with access to free resources, so they can develop some basic level of cyber hygiene and a better understanding of the digital technologies they use in the office – whether on-site or remotely. In the UK, the website of the National Cyber Security Centre is the go-to place for companies searching for guidance and resources with a view to making their organisations more resilient. Further websites worth browsing for information security education tools or support with putting on awareness-raising events include:
The European cyber security month https://cybersecuritymonth.eu
CISA https://www.cisa.gov/cybersecurity-awareness-month and the National Cyber Security Alliance (NCSA) https://staysafeonline.org
Getting certified with Cyber Essentials, a simple but effective government-backed scheme, will guard a business at the start of its information security journey against the most common cyber threats, as well as provide it with a great baseline to start further work from.