National Cybersecurity Awareness Month (NCSAM) has officially kicked off during the month of October. With cyberthreats on the rise each day, organizations are rightfully concerned about how to best protect their IT infrastructure. In fact, Cybersecurity Ventures estimates that cybercrime will cost the world $10.5 trillion annually by 2025.

The COVID-19 pandemic has added more complexity to this issue, with organizations now tasked with securing an increasingly remote or hybrid workforce. According to IDG, nearly 80 percent of senior IT leaders believe their organizations lack sufficient protection against cyberattacks, despite increased security investments made in 2020 in response to the rise in distributed IT.

This complicated security climate is one of the reasons why NCSAM was created. It's an annual month of awareness created by the Cybersecurity & Infrastructure Security Agency - to raise awareness about the importance of cybersecurity globally. Below several tech experts have analyzed the importance of a robust security strategy, and best practices to better protect their sensitive data from cyberthreats.

##

James Winebrenner, CEO, Elisity

"Ransomware has made daily headlines for hitting businesses worldwide and shows no sign of slowing down. With the rise of remote workers and an expanding hybrid workforce, along with the proliferation of IoT devices, the footprint of shadow IT has increased, and the attack surface has grown as a result. No individual or company is exempt from the persistent threat of ransomware, which costs an average of $4.62 million, according to IBM/Ponemon. That's why National Cybersecurity Awareness Month serves as a reminder for organizations to manage and secure their digital identities, in addition to embarking on their zero trust journey. By trusting nothing, continuously verifying identity, context and posture, and limiting access only to the applications and assets that are required for a role, organizations can help prevent ransomware breaches. One strategy to help is turning to Zero Trust Access solutions, which are known for not only lower the risk of an initial breach, but also boost detection, response speed and effectiveness, and minimize the impact by reducing the blast radius of the breach." 

Chris Ray, analyst, GigaOm

"During National Cybersecurity Awareness Month and beyond, it's important for businesses to follow best practices in securing their sensitive data. When I am asked to help bridge the gaps in security programs, controls, and training, I often see the same mistake made. Leaders and decisionmakers spend an unjustifiable amount of time selecting the perfect program or security control. This is an arduous task, the program or control must align and enable business, but at the same time it must reduce risk.   

This is step one for organizations. And it is often their first mistake as well. They focus on selecting the perfect program or control, instead, the emphasis should be placed on selecting a good program or control and implementing it. Once it's online, you have reduced risk and now can make small adjustments as needed to nudge it closer to perfection. A perfect example of this is a financial institution I worked with. They spent six months gathering information on Managed Security Service Providers (MSSP). Then they spent two months collecting additional information and eventually settled on the vendor they initially identified as a ‘good fit' prior to beginning their lengthy exploration into the field of MSSPs. It is far better to have a tangible reduction in risk, than it is to have several perfect plans awaiting selection." 

Marcus Bartram, Co-founder and General Partner, Telstra Ventures

"Ransomware attacks have been rising at an alarming rate - with damages ranging from Apple's $50 million ransomware mess to threatening national security. Despite potentially catastrophic damages, fewer organizations are choosing to pay ransoms as they realize few cyber extortionists uphold their end of the bargain. In Q2 2021, 50% of organizations facing just a data leak threat opted to pay, according to Coveware, down from almost 65% in 2020. CISOs are instead doubling down on precautionary measures. They're purchasing backup storage, beefing up data and privacy operations, and even purchasing specialty cybersecurity insurance (a $7.8B market projected to reach $20.4bn by 2025) to proactively shift the potential impact of cybercrime.  

As companies hire security strategists to set security strategy and inform enterprise IT strategy, we're seeing new AI functionalities added that automate resource-intensive cybersecurity functions. A new breed of fast-growing startups is emerging that provides innovative AI-driven and automated cybersecurity solutions that help classify company data, manage access rights, encrypt sensitive data at the right time, and put governance policies in place. These technologies - along with coordinated actions across industry, government and law enforcement - will be key in driving both immediate and long-term success."  

Patrick Harr, CEO, SlashNext

"The cybersecurity industry has done a great job protecting machines, but most solutions have largely ignored the weakest security link - users. Protecting users is extremely critical now, with work from anywhere, BYOD and the blending of personal and business access. We are seeing a significant rise in multiple forms of phishing and social engineering, which causes 95% of successful breaches including ransomware, data loss and financial fraud. These are targeted attacks from platforms like LinkedIn, WhatsApp, Messenger, text, and chat, as well as popular collaboration tools like Teams, Zoom and Slack.   

It's crucial to recognize that phishing is not just an email problem anymore, and bad actors can reach users the same way they regularly communicate with their trusted contacts - text, messaging, chat, etc. They can be - and often are - lured into providing personal information, sharing credentials, or installing malicious apps that can undermine even the most sophisticated cybersecurity defenses." 

Simon Chappell, CEO of Assured Data Protection

"The bottom line today is that businesses need to be more resilient to reduce the impact of a ransomware intrusion. Cybercriminals are ruthless and indiscriminate. Every company should assume it will be targeted at some point, and that it is your recovery that mitigates the damage caused. For too long now, companies have treated cybersecurity and backup as separate functions, when, in fact, they serve the same purpose - protecting a business's digital assets and data.  

Having an integrated data management function puts your business on the front foot - when detecting a vulnerability, data can be moved to a safe, secure and encrypted environment, while the threat is tracked with forensic detail using threat detection and remediation technology. This data recovery platform creates a data insurance policy that allows the business to function as usual with little to no downtime, and also enables support for law enforcement to investigate the attack and help bring the perpetrators to justice. Cybersecurity defenses play a critical role in repelling attacks, but companies can only really achieve cyber resilience with integrated data management solutions that incorporate the latest threat detection techniques." 

Priya Rajan, CMO of DataVisor

"Heading into the peak retail season, credit card issuers and online lenders must implement proactive fraud detection to combat increasing rates of identity theft, transaction and application fraud, and other types of criminal activity associated with online purchasing. Reactive approaches to fraud detection - such as labeling, writing rules and manual case reviews - are inefficient, and by the time fraud is identified, the loss has occurred in a ‘buy now/pay later' model. Real-time detection and being able to identify fraudulent users and transactions - and stopping them before they result in a loss - is an essential tactic to grow the business while reducing fraud risk. 

DataVisor leverages holistic data analysis to surface coordinated groups of fraud rings and bot-initiated applications, to proactively uncover suspicious behavior, before an attack occurs. Advanced machine learning enables fraud teams to spot new and evolving fraud patterns early, without labels, and our flexible and scalable Knowledge Graph visualizes connections and patterns among data points, eliminating tedious manual case reviews while providing real-time decision-making based on data intelligence. This results in high approval rates with less impact to good customers and a frictionless experience." 

Greg Murphy, CEO, Ordr

"National Cybersecurity Month is a great reminder that one of the biggest challenges we're facing as a cybersecurity community is ransomware. The combination of availability of ransomware-as-a-service, easy cryptocurrency payment options and the expanding attack surface of connected devices make this our next cybersecurity "pandemic". It is critical that we come together - defenders and governments to tackle this threat together. A cybersecurity ransomware strategy needs to encompass process, people and technologies, and a very specific plan around the criteria for whether or not you'll pay a ransom. You also need to ensure you have a strategy for your connected devices, particularly with almost half of them agentless and un-agentable, in other words, unable to support security endpoint agents. Knowing what assets you have, identifying the ones at risk, and baselining their behavior are critical to locking down compromised devices during a ransomware attack."

Nathanael Coffing, CSO, Cloudentity

"Modern organizations are sharing data over APIs to digitally transform and rapidly bring new services to market. APIs are connecting with internal and external services, transferring sensitive data with users and partners across the hybrid cloud. Consequently, organizations are facing increased cyber risks and a growing attack surface. Legacy identity and access management (IAM) tools cannot protect and secure identities working in modern applications, much less multi-cloud infrastructures.
 
Gartner predicts that APIs will be the most frequent attack vector by 2022. Implementing zero-trust for APIs to protect against known and emerging threats like broken object-level authorization or broken authentication means building strong application identity along with strong user identity, as well as protecting sensitive data with fine-grained authorization. Properly assessing and mitigating risks at the API level can also allow organizations to enhance the user experience with transactional Authentication/ Authorization and fine-grained consent management.
 
Cybersecurity Awareness Month shines a light on the changing state of cybersecurity. Prioritizing cybersecurity and adopting these modern capabilities is no longer optional as digital transformation accelerates."

Troy Gill, Senior Manager of Threat Intelligence, Zix | AppRiver

"Cybersecurity Awareness Month is an important reminder for individuals and companies to reflect on their security best practices and ensure they are building the safest habits to protect themselves from a myriad of cybercrime. The number of headline-grabbing breaches and attacks that have taken place during 2021 highlight the critical need for safeguards across the entire company network. This is the perfect opportunity for organizations to educate their employees on what they can do individually to protect the company, especially as remote work continues to add to the rise of attacks as many organizations are still trying to secure their devices, remote access points and overall networks.

The shift to remote work has also accelerated cloud adoption and increased cloud storage rates. While, in many ways, the cloud is a safer environment than on-premise, attacks do still happen. It is critical for companies to maintain a third-party backup of business-critical data so they can move their business forward in the event of an attack.

Email has proven to be a common point of attack vector because it often contains sensitive and valuable communications, which is why phishing scams are a popular choice for cybercriminals. Organizations should consider implementing a more comprehensive email security solution that conducts a security audit to analyze its admins, users, mailboxes, and rules for vulnerabilities such as outdated passwords so they can be resolved before a breach happens. Companies should adopt a multi-layered cybersecurity strategy to safeguard their email against sophisticated threats. By implementing a layered approach to email security, enterprises can remove substantial gaps and preserve productivity even when facing a malicious threat.

Along with investing in proper security solutions, organizations should encourage their employees to follow the below strategies to keep their workforce safe against email-based attacks:

1. Never reuse passwords - Never reuse the same password on different services, if the service is compromised attackers will try that same password for others.
2. Use a password manager - These solutions help by remembering passwords for their customers, but many of them also have built-in tools for generating strong passwords that organizations and users can then use to protect their accounts.
3. Always use multi-factor authentication (MFA) - As an additional layer of email security this mechanism requires that all users provide multiple factors of authentication such as a security key to successfully log in, helping protect an account even if a phisher compromises login credentials.
4. Verify suspicious messages - If there is any suspicion about a message or transaction, it never hurts to call the sender. Most will be glad of your security protocols in place to help prevent fraud.
5. Avoid clinking links - Users can avoid falling victim to phishing attacks by exercising caution around all email links, and organizations can reinforce this behavior using ongoing security awareness training.
   

Awareness is a key part to protecting organizations, from employees all the way to the executive level. Companies should leverage this month to evaluate their internal security practices and solutions and send reminders to employees about how they can do their part to protect the company as a whole."

Matt Sanders, Director of Security at LogRhythm

"Cybersecurity Awareness Month serves as a great reminder for enterprises to recognize the importance of securing their organizations against today's top security threats. This year has been a hotbed for cybersecurity hacks and breaches, with increased attacks on our government and critical infrastructure entities like we have seen with the Colonial Pipeline, Solarwinds, JBS, the attacks on California and Florida water systems, and many others.

Though attacks continue to rise in numbers and impact, companies are still not prioritizing cybersecurity. A report earlier this year found that just 7% of security leaders report directly to the CEO, revealing an inability for security leaders to influence real change within an organization. In order for organizations to achieve the necessary organizational visibility and influence to effectively build a security program and mitigate increasing threats, security leaders such as CISOs and CIOs must report directly to the CEO. This structure allows the CISO to directly communicate potential risks to the organization, mitigate potential risks and influence each function in the organization to create greater security awareness.

While it's essential for CEOs and security leaders to be aligned, everyone within an organization has a responsibility to protect the data and systems they access. Because people are the last line of defense against attackers, all employees should be trained by their organization on how to identify and avoid attacks, including phishing emails, insider threats, social engineering and web browsing risks. In addition to identifying attacks, it is important that employees know how to report suspicious activity and feel that their reports are appreciated for helping to protect the organization.

Organizations should also remind employees of policies regarding securing mobile devices, BYOD, protecting passwords and improper use of equipment. Sometimes these policies are ignored or intentionally bypassed without security teams knowing because users find them inconvenient, leading to greater security risk. It is important to explain why these policies are in place and how they help to protect the organization.

This month is a great opportunity to for security leaders to revisit how they are communicating with their CEOs on security priorities and for organizations to prioritize security education and training for their employees. While the relationship between CISOs and CEOs is necessary for prioritizing security from the top-down within an organization, training and awareness of all employees is a bottom-up approach. When both approaches are executed, organizations can build an effective security program and reduce risk to the business in the face of persistent security threats."

 Daniel Markuson, Digital Privacy Expert, NordVPN

"Last year, we were surprised to learn that 1 in 5 still think cybersecurity is not something to worry about. It is important to recognize and bring awareness to cybersecurity threats and learn more about ways to stay secure. To minimize risks on your computing devices, tell users not to download anything suspicious from websites, don’t open suspicious links, emails or messages, and educate users on the latest social engineering techniques if they work with sensitive data. Additionally, securely backup all data, keep any security software up to date and use strong passwords to prevent brute force attacks. And finally, simply using a VPN will encrypt all online traffic so cybercriminals cannot intercept what activity is happening. NordVPN’s CyberSec feature will block suspicious websites and even prevent computing devices from joining a botnet zombie army."

Rahul Powar, CEO and Co-Founder, Red Sift

"In 2020, over 300 billion emails were sent every day. Business Email Compromise (BEC) accounts for over 50% of all cybercrime losses of which the majority are email-based phishing and social engineering attacks. With ransomware attacks and email use on the rise, email security is more important than ever, and it’s important that organizations are taking it seriously. I think the inadequate protection of many organizations is partly down to a lack of understanding about the devastation these attacks can cause, and also a lack of awareness of the protocols and solutions out there that provide robust, comprehensive protection against these."

##