Cybersecurity Awareness Month 2023
Every year in October, we observe Cybersecurity Awareness Month. Many companies leverage this opportunity to provide additional training and other valuable resources to protect their information and continue to create a culture of awareness.
As you consider how to educate yourself and your workforce, think about the current threats and vulnerabilities that seem to be getting the most press (for good reason):
- Phishing – Phishing continues to be the most frequently observed attack on companies and individuals. Using email, bad actors attempt to gain access to information. This can happen through links to websites that install malware or spoof sites that collect your login credentials.
- Ransomware – By installing a ransomware virus, criminals can hold your data hostage by encrypting the information and demanding a ransom for the decryption key. These attacks have become more sophisticated over the years by transferring (stealing) the information and moving it to another location.
- Password Harvesting – This type of attack has grown in frequency over the last several years and continues to plague individuals and companies. When a large company or website is attacked, the bad actors target the user credentials that are stored by the company. These credentials can be used to access other sites where your sensitive information is stored.
- Patching and Updates – Software companies publish updates on a frequent basis. You may have noticed this on your phone, laptop, or computer. These updates are important because they often address security vulnerabilities that are exploited by bad actors to gain access to your device and the information which it holds.
In all these types of attacks, the criminals seek to monetize and take advantage of human emotions and decisions. It’s becoming increasingly important that we all remain educated on how to recognize and prevent these types of attacks (awareness) and not put ourselves in a position where they can negatively impact us (resiliency).