Organizations are working with the US Department of Homeland Security to enhance their own security awareness training and promote it in their communities.
Cybersecurity Awareness-What is National Cybersecurity Awareness Month?
An annual initiative launched 16 years ago by the Department of Homeland Security, National Cybersecurity Awareness Month (NCSAM) takes place every October. DHS’s main motivation in mounting a month of cybersecurity-related activities is to make consumers more aware of how to protect themselves online. This year’s awareness month theme is “Own IT. Secure IT. Protect IT.” with a focus on privacy, the internet of things (IoT) and e-commerce security.
DHS’s 2019 efforts include a consumer toolkit that features advice in 13 areas, from social media bots to home devices such as smart locks. The goal of the annual rite is to get organizations to promote DHS’s message about how to not click on phishing emails and the best methods to ensure secure passwords and other cybersecurity hygiene habits that ordinary users can deploy to make themselves safer. Last year, according to DHS, over 400 local events across the country focused on good cybersecurity habits.
How DHS works with other organizations on security awareness
With all the attention on steps that average citizens can take, how can NCSAM benefit enterprise users or organizations that arguably need as much if not more support in keeping their employees and customers safe online?
Erin Shepley, the program lead at DHS’ Cybersecurity and Infrastructure Security Agency (CISA), heads up this year’s Cybersecurity Awareness Month activities. She admits that “a lot our content is really driven for the consumer, the average citizen that doesn’t work in cybersecurity.”
“We rely on organizations, basically trust mechanisms, to amplify” the messages of Cybersecurity Awareness Month, Shepley adds. “Whether that is a federal government agency, a chief security officer with a county government, the YMCA, the Boys and Girls Club,” DHS hopes the cybersecurity professionals within those organizations will talk with their offices and staffs and hold events related to cybersecurity.