4 views on the meaning and lessons of Cybersecurity Awareness Month
October is being celebrated as national Cybersecurity Awareness Month, a time to reflect on external and internal threats to computer systems, networks and -- most importantly -- data.
In observance of Cybersecurity Awareness Month, several industry executives offer their views on what lessons should be learned from the celebration, and how organizations should use best practices to protect their corporate assets and customer information.
Although threat awareness is up, many underestimate the potential impacts
“2019 has been a banner year for major cybersecurity threats. Attacks on the American Medical Collection Agency, hits on local governments, along with the high-profile coverage of ransomware in the upcoming 2020 election cycle, should serve as a warning for SMBs. Yet, many still have a laissez-faire attitude toward IT security.
"A recent survey of cybersecurity decision-makers in U.S. SMBs revealed the extent to which they underestimate the impact of today’s cybersecurity threats. While this survey registered a higher awareness among SMBs as compared to Q1 and Q2 of 2019, it revealed additional areas where improvement is still needed.
“From drastic misconceptions around the financial impact of an attack, frequent patch application delays, and an overall stagnation in preparedness, an increase in education is needed to help translate that general awareness into positive action rather than passive acceptance.”
- Troy Gill, manager of security research, AppRiver
SMBs are especially prone to targeting and cyber attacks
“There has typically been little attention paid to SMB cybersecurity, making those companies prime targets for cybercriminals. Because of the growing complexity of small business technology environments, being able to meet the security needs of these increasingly technological organizations has quickly risen to be a top MSP priority.
“This October for Cybersecurity Awareness Month and beyond, MSPs and IT professionals must be vigilant in addressing the skills gap challenge, implementing the right technologies, regularly training employees in security best practices, and recognizing that keeping your business secure is a never-ending, always-evolving undertaking.”
– Michael George, chief executive officer, Continuum
Cybersecurity best practices should be a top priority every day
“Although October is Cybersecurity Awareness month, organizations need to consider matters of security with the utmost importance every day, not just this month – particularly when it comes to cloud.
“Cloud security challenges can vary greatly depending on how far along organizations are on their digital transformation. On the one hand, more conservative and regulated enterprises find themselves inhibited along their digital transformation journeys, while on the other hand, more aggressive digital natives are left exposed to punitive data protection legislation and increasingly privacy conscious consumers.
“For any organization looking to protect against a data breach, encrypting data and adopting industry best practices for managing encryption keys is crucial. Leveraging colocated encryption key management services that secure encryption keys in a Hardware Security Module (HSM) outside of, but in close proximity to, the cloud environment in which their applications reside allow for high performance, low latency integration with cloud apps without compromising on security or compliance.”
- Patrick Lastennet, director of business development, enterprise, Interxion
Cybersecurity defense is the job of every employee
“The number one lesson of Cybersecurity Awareness Month for every company should be that cybersecurity is no longer just an IT issue; it’s an existential issue for the whole business. Any device that collects information is ripe for attack.
“For example, at SharperShape we use drones to collect data that helps prevent fires. And while we don’t in any way collect private or personal information, our security measures ensure that only those using our application can access the data. We do this not because we are under immediate threat, but because we never know when we could be.”
– Ilkka Hiidenheimo, chief executive officer, Sharper Shape