CISA Kicks Off Cybersecurity Awareness Month, Security Pros at ISC East Take Lessons to Heart

The Cybersecurity and Infrastructure Security Agency (CISA) kicked off its 21st annual Cybersecurity Awareness Month, aimed at empowering individuals, businesses, and organizations with the tools and knowledge to protect themselves from online threats. For security professionals attending ISC East in New York City next month (Nov. 19-21 at the Javits Center), whose attention is increasingly devoted to the threats aimed at their networks, cybersecurity concerns will last far beyond October.

Experts there will be looking at the newest technology solutions available to help in this battle, but many know their primary responsibility is educating the people they work with.

“Phishing and social engineering attacks, like spear phishing, are designed to steal credentials or deploy malware by tricking users into providing sensitive information, so educating users about the dangers of phishing and how to recognize suspicious emails is crucial,” Allied Universal’s Rachelle Loyear, a member of SIA’s Cybersecurity Advisory Board, told ISC News in a recent interview. “Credential sharing and poor password practices, such as using weak passwords, can lead to unauthorized access, so implementing policies for strong, unique passwords and using multi-factor authentication can mitigate this risk. Additionally, even with all the best access control in the world, piggybacking, where unauthorized individuals gain access to secure areas by following authorized personnel, can compromise physical security, making it vital to train employees to recognize and prevent such activities.”

CISA aims to help during the month of October by partnering with the National Cybersecurity Alliance (NCA), to "Secure Our World," which focuses on educating the public on essential practices for staying safe online.

Throughout October, CISA says it will emphasize four key steps to help everyone strengthen their online security:

• Use strong, unique passwords and a password manager for secure access.
• Enable multifactor authentication to add an extra layer of protection to critical accounts.
• Recognize and report phishing attempts, staying cautious of suspicious messages or links.
• Update software regularly to ensure devices remain protected with the latest security patches.

"Protecting ourselves online requires a few simple steps to safeguard our digital lives," said CISA Director Jen Easterly. "We’re excited to partner with the National Cybersecurity Alliance to raise awareness and help everyone stay secure in today’s interconnected world."

There are at least a half dozen sessions exploring cyber and connected security issues at ISC East this year. For more information on ISC East or to register, visit the website.