October marks Cybersecurity Awareness Month, an annual awareness campaign intended to encourage greater safety and protection among all computer users. Launched in 2004 by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS), the initiative has expanded to Europe and Latin America, among other regions, as the importance of educating citizens about cyber risks has become recognized. In Europe, events, campaigns and other initiatives will be held under the auspices of the European Union Agency for Network and Information Security (ENISA), as well as on the national level, with a focus on digital skills, education, and emerging technologies. The US will see an equally large line-up of events throughout the month under NCSA’s coordination.
In today’s always-on world, cybersecurity can no longer only be a concern for cybersecurity professionals, but should become a shared responsibility, requiring efforts at all levels of organizations and, more broadly, of society. This means that everyone must hold themselves accountable for adhering to cybersecurity best practices; no individual, business, or government entity can be solely responsible nor fully exempt from helping keep the internet safe and secure. Now more than ever, the smallest actions can have the largest positive impact. The events referenced above recognize this need.
However, it is also important to recognize that it is difficult to know what to do if you are not a cybersecurity professional. To this end the Cybersecurity Tech Accord signatories pulled together ten very concrete and simple steps that individuals globally can take to better protect themselves. These are based on the tips the signatories have shared over the years encouraging users to stay safe online (see for example, Cisco, Microsoft, TrendMicro and Facebook). They include:
1. Always change your default passwords, create strong, unique passwords for each of your accounts, and consider using a password manager to help keep personal information safe;
2. Use two-factor authentication whenever possible in addition to strong passwords to confirm your identity when logging into your accounts;
3. Use a firewall to block unauthorized access to computers and devices;
4. Ensure that you update your operating system, browser, and other software up to date with security patches to minimize threats from viruses and malware;
5. Limit what you do over public Wi-Fi and use software that creates a secure connection over the internet such as a Virtual Private Network (VPN) to safely connect from anywhere;
6. Practice safe surfing and shopping, checking that the site’s address starts with “https”, instead of just “http”;
7. Enable privacy settings and increase the default security settings of the software you use;
8. Be selective when sharing personal information as this could be used by hackers to guess passwords and logins.
9. Do not downloaded pirated software, as it that is not only illegal, but almost always includes some type of malware;
10. Back up your data, either to an external hard drive or the cloud, as this is the easiest way to recover from a ransomware attack.
Cybersecurity Awareness Month also creates a unique opportunity to get more involved in the various initiatives across the world that seek to generate greater awareness of cybersecurity. Many of our signatories already participate in those, but we also wanted to highlight two that the group has committed to do collectively:
– The Cybersecurity Tech Accord will host an event in and Washington, D.C. on “building a path to a secure cyberspace” on 16th October. Our objective is to contribute to a lively dialogue with policy makers and civil society on how to improve the security of our online environment. Further information on how to register can be found here.
– We have also joined forces with the Global Forum on Cyber Expertise (GFCE) and launched a series of freely available webinars that will begin in October, with the objective to increase the understanding of key cybersecurity topics to empower users, developers and customers to better protect themselves;
Cyberattacks are expected to increase in frequency and complexity in the years to come. The Cybersecurity Tech Accord signatories agree with the sentiment that the Internet is a shared resource and securing it is a shared responsibility. If everyone takes a collective action to protecting our online environment, the digital society that we live in can become stronger, safer, more resilient and more resistant from future cyberattacks.