Cyber Security Awareness Month is upon us, and the supplemental attention in the space can certainly drive awareness. This is an area filled with persistent black hats and enigmatic threats, and one in need of more and more defense efforts.
The month-long National Cyber Security Awareness Month (NCSAM) has been observed in the U.S. every October since 2004. It is sponsored by the National Cyber Security Division (NCSD) within the Department of Homeland Security and the National Cyber Security Alliance (NCSA, a nonprofit organization). It stresses unity and vigilance among all web users.
Each year, there is a different theme, of sorts, which reflects the state of the nation, and the current threat landscape. In 2018, a year of transition for many security practitioners, the initiative appears to emphasize the importance of resources, talent and enterprise-wide awareness around cyber hygiene.
See Related: Cyber Author Says Attack Could Cripple 70% Of U.S. Power Grid
The aforementioned “transition” stems from shifting threat-actor motives – as they move from workstations to mobile apps and the actual user (sophisticated phishing scams, insider attacks, human error, etc.). This comes as cyber security spending continues to climb. (Forbes notes that cyber-spend could hit $66 billion by the end of 2018 – and $100 billion worldwide.) This year has also seen a meteoric rise in crypto-jacking attacks – in fact Trend Micro states that it has increased 141%, year over year.
Furthermore, as Security Intelligence points out, the month is broken up into four weekly topics: “Make Your Home a Haven for Online Safety,” “Millions of Rewarding Jobs – Educating for a Career in Cyber Security,” “It’s Everyone’s Job to Ensure Online Safety at Work” and “Safeguarding the Nation’s Critical Infrastructure.”
While the nation-state threat is quite active, there is – and has been – serious concern around the state of employee awareness, in the enterprise. That said, the third theme appears to tackle this head on. As Security Intelligence writes, “Week three aims to help users fuse cyber security across their work and personal lives and emphasizes the shared responsibility of employees to help manage risk and improve resilience.”
See Related: Top 5 Q3 Stories Involve T-Mobile, CCPA, Budgets & More
Of course, in order to carry out that rewarding, but labor-intensive, undertaking, “it takes a village.” Well, that village must be populated with skilled and capable cyber security professionals – those who can administer network controls and also propel the industry to new heights.
On the state of cyber resources and talent, Security Intelligence, in its Cyber Month post, wrote: “To put it simply, demand exists and training is getting better; now it’s a matter of cultivating student interest.”
There has been serious discussion about skilled talent in 2018 – and oftentimes that hearkens back to these grassroots efforts – from elementary school, middle school or even high school and beyond. Of course, higher education is a critical link in the cyber chain – awarding pertinent degrees and shaping young practitioners. But this level cannot be the first time talented students are exposed to the perks of a career in cyber. In actuality, it does dig deep into early education.
Initiatives such as Cyber Month help spur change, and it is likely that engagement will increase in the coming months. In fact, 2019 will likely see a rise in the state of employee and consumer cyber-awareness. While cyber hygiene may improve by some margin, this is a multi-year campaign against unnamed adversaries. There is a reciprocal component of the talent crisis – but more engagement and pertinent headlines could likely help defuse this situation.
Overall, time will tell just how far cyber security will advance. For now, it is experiencing exponential growth – in function, spending, etc.
Lastly, as we monitor engagement with cyber this month, we will simultaneously look ahead at seismic shifts in the space – both technical and personnel-based. In the meantime, enjoy Awareness Month!
Be Sure To Check Out: Security Expert & Former Secret Service Agent Discusses Cyber-Crime