Cyber Security Awareness Month: With more risk, comes greater responsibility

October marks National Cyber Security Awareness Month or NCSAM. It was created in 2004 by the U.S. Department of Homeland Security and the National Cybersecurity Alliance. To highlight the importance of this awareness month, Techerati spoke with seven industry experts to get their thoughts and advice. Educate your people Graham Marcroft, Compliance Director at Hyve Managed Hosting, discusses the importance of training employees to be more aware of the cyber threats they may come up against. “The biggest threat and ‘weakest link’ when it comes to online security and data protection in the workplace is human error. This is often down to a lack of appropriate training and education for people who work in businesses that become victim to cyberattacks as a result. It is now more important than ever for businesses to make integrating cybersecurity a top priority for their employees by including it in their everyday working lives. “Data protection solutions can help prevent data loss, but maintaining a successful security program is largely dependent on employee awareness and their ability to comply,” agrees Tim Bandos, Vice President of Cyber Security, Digital Guardian. “By teaching employees how to make decisions about the use and protection of data, they’re in a better position to make better judgments on their own around data in the future.” Address the gaps in your technology However, human error is not the only aspect of a business that can pose a security risk. Michael Scheffler, AVP EMEA at Bitglass, explains how the increased adoption of cloud is making companies vulnerable. “Public opinion on the cloud has come a long way in recent years, with most security professionals now accepting that it’s no less secure than the traditional, in-house way of doing things. As adoption of cloud-based applications and services continues to grow throughout the business world, organisations need specialised security technology that is capable of protecting sensitive data wherever it is stored or accessed.” Hubert da Costa, Senior Vice President and GM EMEA & APAC at Cybera, adds that insecure networks can also lead to breaches and cyberattacks. “The adoption of mobility, big data, social media, cloud and the Internet of Things is extending traditional enterprise perimeters, making them complex and difficult to secure. Distributed enterprises are especially vulnerable to intrusions and data breaches due to their remote locations lacking onsite IT and security staff to properly secure their networks. Far too often, application security is an afterthought if it is addressed at all.” Implement practical actions to improve your defences “The simplest thing SMBs can do to protect themselves from cyber-threats is to enable multifactor authentication,” highlights John Ford, CISO at ConnectWise. “Essentially, that means having more than just a password. Most people use it all the time and never even think about it. For instance, when logging into your bank account from something other than your primary computer, and the bank sends a text message to your phone with a code. You enter the code and you’re in. That’s all multifactor authentication is. In cybersecurity, we call it ‘something you have and something you know.’ Take responsibility of your own cybersecurity practices Harold Sasaki, Senior Director, IT and TechOps at WhiteHat Securit advises all employees to “Own IT. Secure IT. Protect IT. in both their personal lives and at work. "Only purchase online from well-known stores. Stores like Amazon, eBay, Walmart and Nordstrom spend a lot of money and resources to make sure your data is safe. Just because a store uses encryption does not mean that once they have your data that it is kept secure. Avoid smaller unknown sites that may or may not have the proper level of security for your data. It is clear that all business leaders can make small or large changes to make their companies safer and reduce risks in today’s threat landscape. As Sasaki concludes: “These are key considerations we all need to make this month – and every day – to keep our data, and in turn, our employers’ data, safe.”