Virtualization Technology News and Information
Enough is not enough anymore: why and how we need to raise global cybersecurity awareness as number of connected devices explode

By Kevin Reed, CISO at Acronis

October was cybersecurity awareness month, originally designated back in 2004 by United States President George W. Bush and Congress to raise awareness of the growing cyber threat landscape that affects businesses, the government, and individuals. 2022's theme was "See Yourself in Cyber," stressing the importance that cybersecurity is intertwined in everyone's life and that individual actions can help combat cyber threats while encouraging people to practice good "cyber hygiene." The theme was a good reminder that amongst those of us regularly connected to the internet, having basic cybersecurity knowledge is commonplace by now, but it's not enough. Cybersecurity Ventures predicts cybercrime to cost the world $6 trillion in 2022, with attacks targeting businesses especially detrimental to global economies. As the number of devices connected to the Internet increases, so does the need for better cybersecurity know-how for the average person, achieved by individual actions, collaborative efforts, and incorporating cybersecurity into school curriculums across all ages to prepare the next generations for an increasingly digital environment.

Basic cybersecurity knowledge isn't even enough for the average person. The U.S. Census reported that, in 2018, 92% of U.S. households had at least one type of device connected to the Internet. That's millions of people sending and receiving data and information about other people all around the world, much of it personal and sensitive-whether they know it or not. This information could end up in the hands of someone with nefarious intentions, and that's all it takes to ruin someone's life via stolen identity, scammed money, personal information leakage, or any other potentially catastrophic outcome. The more devices a person has, the more surface is available for a potential cyberattack, carried out via ransomware, phishing, remote access, and other countless methods of cyber terrorism. Therefore, it's essential to equip everyone with cybersecurity knowledge beyond what's expected, teaching them why it's so important to protect personal information and understand how to do successfully do so.

The first step, as always, is to start with the individual. Until being cybersecurity savvy is a household necessity like cleaning and cooking skills, people should take independent action to increase their knowledge and refine their threat-identification skills. Most tech-savvy people know the importance of creating secure passwords, reminded of the importance every time they sign up for a new service online. There is a growing occurrence as more and more products and services require an online account to be fully utilized. Creating secure passwords and phrases is a good start, but phishing attacks, where attackers spoof login pages and emails, or use other deceitful methods to obtain sensitive credentials, can render any good password useless. The best defense against phishing is learning to identify threats and fake login pages, but most people don't second-check login pages, especially when it's provided by a real-looking email or a trusted (but hacked) friend via instant message. With greater global cybersecurity knowledge, the damage caused by phishing attacks would drop significantly. To get started on sharpening your threat detection and overall cybersecurity skills, it is suggested to use one of the many free resources available online, such as Khan Academy's Online data security unit. Although a lot of free courses are designed for those seeking a cybersecurity-related career, the skills are transferrable to everyday applications, especially for those working remotely on personal devices.

Adding cybersecurity to the grade school curriculum is also a potential step toward a more secure digital future. While many undergraduate schools offer some sort of cybersecurity program, cyber protection education should begin even sooner. Preparing future generations for threats they could encounter online isn't a new idea, but according to a study conducted by CYBER.ORG, only 10% of K-12 teachers responding to a survey reported being knowledgeable about cybersecurity. However, over 84% of kids in the U.S. own a laptop or desktop computer, as discovered by a survey by Common Sense, with the use of screen time surging by over 17% since the pandemic started. With almost all public schools equipped with at least one computer lab, we can use this as an opportunity to start teaching our youngest generations cybersecurity or offering classes as an elective, both to inspire and guide those looking to launch a career in cybersecurity and be available to students seeking a more secure online experience.

Finally, although taking initiatives as an individual can help combat cyber threats, our ability to collaborate and work together is our strongest asset in this ongoing battle. Teach those around you, especially less tech-savvy people, how to take security measures beyond what's expected-such as introducing them to two-factor authentication to protect themselves from phishing and password enumeration attacks, and teaching them how to securely back up data. If you're able to do so, organize cybersecurity awareness programs where you work, or implement regular cybersecurity drills and training into the work cycle. If you encounter strange websites, emails, malware, or anything else out of the ordinary, report it to the developers, IT department, or whomever applicable at your company who can take steps to alert those who could be affected by a similar threat.

The future of connected technology is full of exciting potential and promises, but it's up to us to make it secure for ourselves and for the generations succeeding us. Raising cybersecurity awareness year-round and not just during the month of October, both as an individual and to those around you, will only help contribute to a safer cyber landscape as the digital environment continues to develop. If we as a species can start taking cybersecurity as seriously as physical protection, I predict a dependable and exciting digital revolution on the horizon, supported and led by those willing to take the initiative.




In his 20+ years in cyber security, Kevin has been protecting various organizations from cyber threats. Some of his experiences include implementing cryptographic protection for the 3rd largest bank in Europe, building from the scratch security organization for a NASDAQ-traded search engine company, leading technology operations and running IT infrastructure for one of the largest e-commerce sites in South-East Asia.  Now CISO of Acronis, Kevin is in charge of defining company security strategy, developing cutting-edge security solutions and leads the company’s Cyber Protection Operation Centers (CPOC) worldwide.

Published Wednesday, February 08, 2023 10:02 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2023>