October marks Cybersecurity Awareness Month, a crucial time to highlight the importance of digital safety and protection. Now in its 21st year, National Cybersecurity Awareness Month
continues to build momentum and impact.
In today's increasingly interconnected world, cybersecurity threats are more prevalent than ever. From data breaches to ransomware attacks, the risks are real, and the consequences can be devastating.
To provide valuable insights and guidance, we've gathered expert commentary from a number of industry leaders. In this roundup, experts will share their perspectives on how individuals, businesses, and organizations can safeguard their digital assets and build a more secure online environment.
Join us as we explore the critical role of cybersecurity in protecting our personal and professional lives.
##
Morgan Wright, Chief Security Advisor, SentinelOne
If
I had written this response three to four years ago, my comments would
have addressed the need for security awareness, more training, better
passwords, vulnerability management, and patching—the traditional things
everyone discusses. The stakes were different.
Today, the stakes
couldn't be higher. Persistent attacks by nation-states like China,
Russia, Iran, and North Korea against our critical infrastructure have
redefined what failure means. It's no longer about monetary or data
loss; a failure today means power, water, communications, public safety,
and many of our vital infrastructures. It's about a prelude to war as
tensions rise around the globe. Warfare in the fifth domain of cyber
comes with a different set of consequences.
The consequences will
affect our supply chain, our ability to defend ourselves, our economic
competitiveness, and our military readiness—the very functions for which
a government is responsible to its citizens. For example, the
consequence of a compromised identity goes far beyond civil liability, a
policy violation, or a reprimand from HR.
Too often, a severe
incident or breach occurs, and the industry proclaims that this should
be a wake-up call, that we must get serious. Our problem is we keep
hitting the snooze button on the alarm. To truly create awareness, we
should focus on the consequences of failure. What will we lose? What
will you lose? What are you willing to do to prevent it? If we can
answer those questions, awareness will take care of itself.
++
Karl Holmqvist, Founder and CEO, Lastwall
We stand at a pivotal moment in cybersecurity,
where we must confront a pressing question: "Are we genuinely doing enough to
secure our world?" As the digital landscape evolves with unprecedented speed,
companies are uniquely positioned to lead by crafting and deploying robust,
accessible solutions. It is time to move beyond the minimum thresholds of
compliance and push for fortified defenses that truly make a difference. By
embracing innovative pricing models, the industry can democratize access to high-quality
protective measures, ensuring that organizations of all sizes can step up their
security game. The priority must be to safeguard our society.
With the advent of post-quantum computing on the
horizon, the stakes have never been higher. The protection of sensitive
information and critical infrastructure demands a renewed and unwavering
commitment. To build a safer future, the cybersecurity community must unite,
fostering collaboration and a proactive stance against emerging threats. When
we view cybersecurity as a shared duty-to protect society-we lay the foundation
for real, meaningful progress. This collective resolve will be our strongest defense
in navigating the challenges ahead.
++
Bruno
Kurtic,
Co-founder, President, & CEO, Bedrock
Security
The 21st Cybersecurity
Awareness Month's theme "Secure Our World" is a stark reminder of our shared
responsibility in securing the digital landscape. Data breaches continue to
escalate, with the average
data breach costing $4.88 million-the highest cost ever recorded-and the number
of data compromises rising to 1,571 in the first half of 2024, up 14% from 2023.
The scale and speed of these breaches
underscore a critical truth: each organization must take full accountability
for the sensitive data they handle. A key first step is ensuring full
visibility into where critical information resides and who has access to it.
Without this, gaps and vulnerabilities, and thus breaches, multiply.
And adapting to new challenges from
modern use cases such as GenAI is essential. To prevent sensitive data leaks in
GenAI LLM models, it's crucial to understand the data, the business context,
and control what data is used before it is used for GenAI training. Strong data
governance and access controls enable the speed required for innovation without
compromising security.
Modern enterprises understand that
cybersecurity is not just the responsibility of IT teams-it's a shared duty
across the entire organization. By embracing this mindset, we can collectively
secure our world.
++
Scott
Kannry, Co-founder and CEO, Axio
As we observe the 21st Cybersecurity Awareness
Month, it's essential to focus not only on raising awareness but also on taking
concrete actions to reduce cyber risks. While increased engagement from the
C-suite and boards is a positive step, many organizations still face challenges
in turning this awareness into coordinated and effective action.
To truly "Secure Our World,"
organizations must move beyond just identifying cyber risks and concentrate on
actionable strategies to mitigate them. This means fostering better
communication among stakeholders, aligning on priorities that matter most to
the business, and making decisions that focus on minimizing the potential
impact of cyber incidents. As recent events like Crowdstrike have shown, even
well-defended companies can be significantly affected, sometimes due to
accidents. Thus, it is imperative to understand the ramifications of a
successful attack (or accidental event) to effectively minimize business
impact. Cyber Risk Quantification (CRQ) can be a powerful tool in this effort,
but only when it is used to drive business decisions rather than just measure
risk. Aligning stakeholders on CRQ can help bridge the communication gap and
create a unified approach to cybersecurity.
As cybersecurity threats evolve, so must our
approach. Organizations that involve a broad range of voices and focus on
practical outcomes will build more resilience and secure environments for
everyone. This month serves as a reminder that securing our world is an ongoing
effort that requires collaboration, clear strategies, and a commitment to
continuous improvement.
++
Shawn
Waldman, CEO
and Founder, Secure
Cyber
Cybersecurity Awareness
Month is ineffective. I know I might be in the minority, but as a nation,
sometimes we do the same things over and over again without achieving different
results-or sometimes, any result at all. I like the idea of Cybersecurity Awareness
Month from an awareness perspective, but we need to do more.
Cybersecurity is national
security-let's start there. Cybersecurity Awareness Month is focused on four
things: recognizing and reporting phishing, using strong passwords, turning on
MFA, and updating software. These are all high-level and essential tasks for
basic security. However, what's missing are step-by-step videos and
documentation that guide the average citizen through these processes for some
of the most critical apps in use today. A prime example (pun intended) is
Amazon! It is likely one of the most widely used applications in most
countries, possibly worldwide. Why not use this campaign to walk people through
how to secure their accounts?
Lastly, we must educate
the public on how fragile our critical infrastructure is and how they can
protect themselves. This isn't fear-mongering; it's about simple awareness and
utilizing sites like ready.gov to learn how to begin the preparation process.
++
Irfan
Shakeel, VP Training &
Certification Services, OPSWAT
To "Secure Our World," protecting
critical infrastructure must be a top priority, requiring proactive strategies
to safeguard our society's critical systems and sensitive data. This effort
must go beyond raising awareness and demand targeted cybersecurity measures
vital for national security. In sectors we all rely on, such as energy,
transportation, and healthcare, organizations should focus on real-world attack
vectors, like SCADA system manipulation, to better understand the risks we face
and enhance preparedness.
Regular tabletop exercises simulating OT/IT
breaches, strict enforcement of multi-factor authentication (MFA) and network
segmentation, and active leadership in fostering a security-first culture are
essential steps for readiness and resilience. These foundational measures must
be continuously reinforced to maintain vigilance across the organization.
Cybersecurity should also be embedded throughout
the product development lifecycle, starting with secure coding practices and
early threat modeling. Regular security reviews, vulnerability assessments, and
the use of static and dynamic analysis tools ensure security is integrated from
the start, reducing post-deployment risks. By embedding cybersecurity into each
phase, organizations minimize vulnerabilities and strengthen overall security
postures.
++
Dale
Hoak, Director of
Information Security, RegScale
As we observe Cybersecurity Awareness Month, it's
essential to rethink how organizations approach compliance to enhance digital
security. To truly "Secure Our World," organizations must adopt a
dynamic approach to Governance, Risk, and Compliance (GRC) that evolves with
the changing landscape of security threats and regulatory demands. Traditional
GRC methods often struggle to keep up with today's fast-paced threat
environment. The future of GRC lies in Dynamic Operational Control Management,
which integrates Continuous Control Monitoring (CCM) with automation, AI, and
real-time analytics to ensure robust security.
Compliance should be an outcome of effective
security practices, not a mere checkbox exercise. By leveraging existing tools
to continuously monitor and automatically collect both technical and
non-technical evidence, organizations can create a real-time, unified view of
their cybersecurity posture. This proactive approach aligns compliance with
strong security practices, reducing the need for separate, burdensome
compliance efforts.
As cyber threats grow more complex, optimizing
workflows and automating incident response is crucial. Automated systems can
deploy patches or alert teams for manual intervention when a vulnerability is
detected, followed by validation and resolution. This not only strengthens
security management but also streamlines audits and compliance reviews, making
it easier for organizations to meet regulatory requirements.
++
Kris Lahiri, Co-Founder and Chief Security Officer of Egnyte
I believe in a focused approach to cybersecurity that prioritizes best practices over trying to implement too many strategies at once. The effectiveness of security protocols relies on commitment and rigor. Below are key practices to enhance an organization’s cybersecurity posture:
- Foster a culture of cybersecurity awareness with an emphasis on employee training and education on the latest threats, phishing attacks, safe online practices, and phishing simulations.
- Implement strong identity management with multi-factor authentication and network segmentation.
- Adopt a Zero Trust architecture to continuously identify verification and access privileges to sensitive data and employ micro-segmentation techniques to reduce the attack surface and limit the potential impact of a breach.
- Enhance data encryption and encrypt all sensitive data at rest and in transit.
- Conduct regular risk assessments to check systems for potential vulnerabilities.
- Invest in advanced threat detection systems that adopt a comprehensive approach to monitor for suspicious activity and potential threats.
- Develop an incidence response plan with clear protocols and designated roles. Regular internal and external drills help identify and address potential vulnerabilities before they can be exploited.
++
Don Boxley, CEO and Co-Founder, DH2i
While virtually every organization is aware of cyber threats all year long, Cybersecurity Awareness Month serves as a great reminder of the increasing sophistication and frequency of attacks. Despite cybersecurity being a top priority for businesses around the world, many still overlook the huge risk imposed by something as simple as outdated technology. For example, virtual private networks (VPNs) were originally designed over two decades ago for a more simplistic era of networking and security. In today's complex hybrid and multi-cloud world, they represent a significant vulnerability due to their inherent weaknesses - such as excessive trust, reliance on physical infrastructure, and lack of granular access control. In other words, a single compromised VPN can provide an attacker with unlimited lateral attack surface to gain access to a company's entire network - including its most sensitive data.
To safeguard against evolving threats, modernization is the key. In the case of upgrading from VPNs, software-defined perimeter (SDP) solutions should be at the top of the priority list. SDP integrates concepts like Zero Trust Network Access (ZTNA) connections to enforce a strategy of least privilege, meaning users and devices can only access the data for which they are specifically authorized. SDP also allows for application-level connectivity which minimizes attack surface and limits lateral movement within the network, further eliminating the risk of large-scale breaches. A select few SDP solutions will even increase your network throughput, benefiting your company as a significant security and performance enhancement.
So, as you think about how you want to commemorate Cybersecurity Awareness Month this year, may I offer that the most conscientious and diligent way to do so is to simply conduct a review of your IT infrastructure and then initiate a refresh of any dangerously obsolete technology.
++
DeeDee Kato, Vice President of Marketing, Foxit
How often in your business life (or your personal one, for that matter) do you use a PDF to store, share, and/or protect the integrity of information - whether it's a contract, financial document, or medical record? Did you have to give it some thought? That is likely because PDFs have become so very ubiquitous in our lives - with the majority holding valuable and/or sensitive information whose security is paramount. Therefore, this year, during Cybersecurity Awareness Month, I urge you to take a proactive approach to protecting these documents from unauthorized access and malicious intent.
Let's start with the basics. To protect your PDFs you need several common sense security features such as password protection, encryption, and digital signatures to ensure only authorized users can view or edit documents. But you cannot stop there. The ideal PDF solution must also provide advanced redaction tools to permanently remove sensitive information; as well as integrate openly with security solutions to detect, protect, and mitigate malware. And if you really want to sleep at night (and help your C-suite, legal, and compliance departments, too), your PDF solution must support compliance with data privacy and other prevailing industry regulations. In other words, with the right PDF protection in place, you can safeguard your documents, protect your business, and ultimately keep your bottom line secure.
++
Larry O'Connor, Founder and CEO, Other World Computing (OWC)
Cybersecurity Awareness Month is a great time to be reminded that data security is not just one person's or organization's responsibility - it must be a collective effort. Likewise, your data's security cannot be reliant on just one technology serving as protection - a multi-layered defense is the best (and perhaps only) way to ensure success.
Certainly, data storage must play a critical role in this strategy. This means we must choose our solutions wisely. And when we are considering scalability, availability, performance, and/or price, equal consideration should be paid to protection and security. After all, data storage is about more than just keeping files... It's about safeguarding what matters to you most - from business records to intellectual property to sensitive employee and/or customer information, all the way to our most precious personal memories. Data is more than just zeros and ones; it's the digital embodiment of our stories, innovations, and the foundation of our future.
++
Jason Lohrey, Founder & CEO, Arcitecta
National Cybersecurity Awareness Month is a reminder that as data environments reach hundreds of petabytes and hundreds of billions of files, protecting data will become an increasingly difficult and complex challenge. IT leaders are shifting their focus from backup to recovery as organizations need complete and immediate data recovery with no downtime or, at most, only milliseconds of downtime to prevent criminals from holding a business and its data hostage for days, weeks, or more. New approaches such as continuous data availability represent game-changing levels of protection that actively record every significant change in real-time for every file so a user can go back to any point in time to retrieve data – quickly and without the assistance of IT. Organizations will increasingly leverage continuous data availability technology to protect data from loss and cyber threats.
++
Lynn Dohm, Executive Director, Women in Cybersecurity (WiCyS)
During Cybersecurity Awareness Month, messaging to already-cyber-conscious audiences is often redundant. It's time to take a different approach—one that focuses on students and builds real connections. To cut through the clutter, we need to simplify the message and empower the next generation to see themselves in cybersecurity. This month isn’t just about raising awareness; it’s about shaping the future leaders of this field.
Teenagers are much more likely to listen to someone closer to their age who they can relate to. They're not going to engage with adults lecturing them about cybersecurity. To shake things up, this Cybersecurity Awareness Month, we’re showing young women that they belong in this field by mobilizing our student chapters to reach high school students directly. We’re showing them that cybersecurity is already a part of their lives and doesn’t have to be intimidating.
We’ve developed a Cybersecurity Awareness Month toolkit, backed by our top-tier partners, that these student leaders will take into high schools, breaking down cybersecurity into simple, everyday language. Many students don’t realize they’re already practicing cybersecurity when they use things like two-factor authentication. By having peers—people who were recently in their shoes—share this message, we’re making cybersecurity feel relevant and accessible. It’s not a big, scary concept; it’s something they’re already part of.
++
Steve Garrison, SVP of Marketing at Stellar Cyber
There are hundreds of companies involved in cybersecurity technology, but no matter how good we get at detecting and responding to attacks, our technology doesn’t account for human behavior. Millions of phishing emails, texts and fake alerts are sent out every day by hackers and criminals trying to gain access to bank accounts, financial records, and all other types of data. These messages can be extremely convincing, especially to kids and young adults who haven’t been educated on the inherent risks of clicking links in unfamiliar emails or websites to facilitate cyberattacks.
Our Don’t Click It, Pitch It program aims to teach young people what to do when they see a suspicious email or text message and how to ensure that their sensitive information isn’t compromised in a scam. Just as we taught kids not to get into cars with strangers or talk to strangers at a park, ‘stranger’ texts and emails are no different and should also be ignored.
As part of National Cybersecurity Awareness Month, we sponsor National “Don’t Click It” Day on October 16. As part of our program, we have partnered with Minor League Baseball organizations such as the Ogden Raptors (Ogden, UT), the Oakland Ballers (Oakland, CA), and the Lake County Corn Dogs (Crown Point, IN) to help educate kids and teens about how to stay safe online.
Stellar Cyber has also brought its Don’t Click It, Pitch It curriculum to thousands of students across America, equipping these young people with the knowledge they need to identify and respond to phishing emails.
If we can change human habits, we can help end cybercrime.
++
Amit Shaked, GM & VP of DSPM Strategy, Growth and Monetization, Rubrik
As AI adoption grows, so does organizations’ appetite for the vast data from disparate sources needed to train AI models. This has also contributed to the rise of shadow data, with more businesses realizing they can’t protect against what they can’t see — leaving them as easy targets when cyberattacks happen.
Increasingly, organizations’ solution to this challenge is the adoption of data security posture management (DSPM): a holistic approach to assessing and managing an organization’s cybersecurity readiness and effectiveness in protecting its data assets. DSPM solves one of the most daunting aspects of data security: knowing where all data is within the organization, and how to secure it. This is a key step to ensure cyber resilience: keeping your data safe even during a cyberattack.
The last year has shown the secret is out: modern organizations must embrace DSPM as a key ingredient in their overall security strategy to reinforce cyber resilience.
++
Dan Ortega, Security Strategist at Anomali
In the Age of AI – it’s all about the data – how you manage it, and then action it to protect and drive your business. Unfortunately, many companies don’t have a strong data plan in place; information is coming in too fast, and with the pervasive use of AI, it has accelerated immensely – and as a result, companies tend to manage it in the most expensive, inefficient, complex, and disparate way possible. This creates unnecessary risk across all business operations. This includes the way that security teams approach threat intelligence data – which is often siloed and not integrated holistically across all security and IT functions.
This year, for Cybersecurity Awareness Month – I encourage security and IT teams to focus on three key areas: 1) auditing their Security Operations Center – to ensure that the tools in use are providing a truly comprehensive view of the business, and encouraging the flow of data across systems (e.g. ensuring that teams or tools don’t silo threat intelligence data and is providing value), 2) Cleaning up internal processes to ensure that security technology is being used to solve business challenges, maximize talent capacity, integrate security into business and simplify underlying processes, and 3) take a hard look at how AI is being used in your organization. Does everyone use whatever version of AI is convenient without oversight from IT? What could possibly go wrong?
++
Jim Broome, president and CTO of DirectDefense
Cybersecurity Awareness Month is a crucial opportunity for organizations to emphasize basic, yet effective, methods to safeguard against cybercriminals. As CISA’s theme, “Secure Our World,” highlights, it's essential for companies to stay ahead of evolving threats. Phishing attacks, for example, have become more sophisticated, with threat actors leveraging AI tools to craft convincing campaigns. Traditional security awareness training that focuses on spotting spelling errors or non-localized content is no longer enough. Employees must be trained to recognize subtler signs of phishing, such as suspicious links, unnecessary urgency, or requests for personal information, while understanding how to appropriately report potential threats.
In addition to phishing awareness, organizations should encourage stronger password hygiene or even adopt passwordless solutions like Yubikey. Predictable passwords remain a security weak point, but password managers can mitigate risks by safely storing complex credentials. Moreover, multi-factor authentication (MFA) is critical in securing access, yet reliance on SMS-based MFA has become a common vulnerability. Disabling SMS as an authentication method and opting for more secure alternatives can prevent abuse. Finally, turning on automatic software updates and educating employees to avoid using corporate emails for personal activities are key steps in minimizing exposure to cyber threats. By staying proactive, organizations can significantly bolster their defenses in an increasingly hostile digital landscape.
++
Shawn Frederickson, Vice President of Cyber
and Information Security at Flexential
As Cybersecurity Awareness Month approaches,
it's crucial for organizations to stay ahead by strengthening their security
practices, especially with AI's growing influence. Flexential's 2024
State of AI Infrastructure report revealed a significant gap: nearly half of IT teams don't fully
grasp how to secure AI applications and workloads. This highlights an urgent
concern among IT leaders about the cybersecurity risks tied to AI investments.
While cyber threats evolve, many breaches stem from basic missteps like
outdated software or skipped multifactor authentication. Now more than ever,
companies must take a proactive stance on security, guiding employees to use
emerging tech like AI safely, rather than letting unregulated shadow IT take
root. Cybersecurity is a nonstop effort, and maintaining good cyber hygiene and
vigilance is vital to safeguarding sensitive data.
++
Dan
Root,
Head of Global Strategic Alliances, ClickShare
In the hybrid-dominated
workplace, where meetings consist of multiple offices and remote employees
coming together, the focus of tech leaders cannot only be around how to enable
collaboration but rather, how to create a secure collaborative environment. Collaboration
technologies must be adaptable for organizations that demand unique regulatory
and company requirements. Security is not just an add-on but a foundational
element, integrated into the architecture from the earliest stages of
development of a solution. End to end encryption of data, for example, is
crucial to mitigate vulnerabilities when investing in new solutions. Next to
that, regular updates, secure configurations, and proactive management are
essential practices of cybersecurity hygiene, working together to safeguard
data and technology against evolving threats. Understanding the balance between
human factors and information security is a differentiating skill set that will
serve any IT organization today.
++
David
Cottingham, President of rf IDEAS
It's imperative that as online threats grow more sophisticated, we
understand effective ways we as individuals as well as companies can safeguard
our digital assets and maintain trust in our technological infrastructure.
Mobile credentials, predicted to be used by over 60% of the global population
by 2026, can revolutionize access control for businesses when implemented
strategically. This technology enables fast, touch-free authentication,
enhancing both security and convenience. Plus, the current generation of mobile
credentials, particularly those in the mobile device wallet, use a more secure,
encrypted credential than legacy physical cards. And while adoption is usually
a big concern for businesses looking to migrate to more secure technology, most
people carry their phones at all times and are already using digital wallets
for consumer purposes. We're already observing cybersecurity strategies for
larger corporations shift to incorporating mobile authentication and this will
ultimately help ensure that only authorized individuals gain access to critical
systems and data, reducing phishing and ransomware attacks.
++
Tim Barnett, Chief Information Officer at Bluefin
Cybersecurity
professionals must continuously prioritize the protection of commercial data
across all environments where it is processed, transmitted, or stored. This
responsibility extends beyond safeguarding payment data to include the
personally identifiable information (PII) integral to commercial activities.
Implementing robust data privacy frameworks and advanced anonymization
techniques empowers organizations to secure sensitive information while ensuring
compliance with an increasingly complex landscape of global regulations and
standards.
++
Michael
Wilcox, Chief Security Officer, Stratascale
Cybersecurity is a team
sport-collaboration beats isolation every time. It's not just about better
tools; it's about better teamwork and cross-functional alignment. A major
challenge is being blindsided by the unknown unknowns. It's not the threats you
see coming-it's the ones lurking where you least expect. Attack surface
visibility is key here. AI is the sharpest sword in the CISO's arsenal, and the
biggest blind spot. While it's revolutionizing the way we approach cybersecurity,
it's also changing the playbook for attackers.
++
Dylan
Border, Director of Cybersecurity, Hyland
AI remains a top priority
for cybersecurity professionals because it introduces both significant
opportunities and risks that need to be fully understood by your business and
managed carefully. AI systems are trained on massive datasets, and if these datasets
are compromised or manipulated, the AI can make flawed decisions, leading to
security vulnerabilities and the potential for your data to be used in
unexpected ways. AI can also be used to automate and even enhance cyberattacks,
such as creating sophisticated phishing schemes, cracking encryption faster, or
easily bypassing traditional defenses with known flaws. As AI is integrated
more deeply into our critical systems, such as those supporting finance,
healthcare, and national security, understanding how to secure it becomes vital
to preventing catastrophic breaches or failures.
++
Shawn
Edwards, Chief Security Officer, Zayo
One trend that isn't receiving enough
attention is the intersection of cybersecurity and network infrastructure. As
networks become more complex, the potential attack surface increases. We'll see
more integration of cybersecurity processes & protocols directly into the
network fabric, making security a core component of infrastructure design
rather than an afterthought. As networks grow more complex, the expanded attack
surface requires a shift in how we approach security. Embedding security
directly into the network fabric ensures that protection is integral, not an
afterthought. Principles like Zero Trust Network Access (ZTNA) enforce
continuous validation, while automation and AI-driven defense provide
real-time, proactive threat detection and response. Looking ahead, self-healing
capabilities will allow networks to automatically mitigate threats and restore
functionality, reducing downtime and improving resilience in the face of
ever-evolving cyber risks.
++
Dror Liwer is the co-founder of Coro
For cybersecurity awareness month, I want
organizations to remain vigilant as we see an increasing number of AI-powered
cybersecurity threats, particularly the ongoing problem of social engineering
through phishing emails that are only getting harder to spot. For schools and
students, cyber-hygiene considerations differ by age. For example, college
students risk compromising credit card details that K-12 students may not have
to worry about. I recommend gamified cybersecurity training, specific for
younger kids, to introduce them to safe cyber practices, while college-age
students may learn cyber awareness alongside adults.
++
Mathieu Dobbeleir - VP of Product & Solutions, Barco Control
Rooms
Cyberthreats
are growing more complex, making real-time, comprehensive visibility of an
organization's attack surface crucial. Security Operations Centers (SOCs)
provide cybersecurity teams with centralized monitoring capabilities, enabling
teams to quickly detect vulnerabilities and respond to attacks. As technologies
like generative AI, predictive analytics, and Security Orchestration,
Automation, and Response (SOAR) tools continue to evolve, SOCs enable seamless
integration and management across an organization's digital infrastructure.
This paradigm shift transforms security from a reactive stance to a proactive,
predictive, and adaptive defense strategy. This transformation has the potential
to significantly reduce attack surfaces, minimize breaches, and increase
overall cyber resilience against the rapidly evolving cyber threat landscape.
While
the SOC is a key element in an organization's strategy to monitor and defend
against cybersecurity threats, great care should be taken to ensure that this
crucial piece of security infrastructure itself is adequately protected. A SOC
getting compromised could have catastrophic consequences for an organization's
ability to successfully defend itself against cyber threats.
Barco
CTRL, our operator software, is developed using the security-by-design and
security-by-default approach to support the highest levels of security of the
SOC. It is designed for operation in a zero-trust environment where it is
essential that all network communication is encrypted and authenticated.
++
Dylan Owen, CISO, Nightwing
As
organizations continue to collect and store information on their customers,
we're starting to see data breaches exposing personal information become more
common. Data like social security numbers and credit card numbers, in
conjunction with names and addresses, are always going to be useful for
criminals to commit fraud, so wherever they are stored will become a
target.
This
Cybersecurity Awareness Month, individuals must stay vigilant about their
personal information being used in phishing scams, especially as the use of
GenAI has elevated the sophistication of such attacks. Tangible steps
individuals can take include continuously monitoring their credit to see if
people are trying to get credit cards or loans in their name, and routinely
checking their bank accounts for any suspicious transactions.
Above
all else, individuals should question the need for a company to ask for the
information they are asking for, including being mindful of and examining their
data retention policies. The onus is also on organizations to ensure they are
only collecting and storing customer data that is absolutely necessary, and
regularly reviewing any information that is obsolete or irrelevant. This
optimizes their own security and mitigates the risk of future data breaches.
++
Roman Arutyunov, Co-Founder and SVP of Product at Xage
Security
Cybersecurity
Awareness Month should remind everyone that traditional security methods, such
as VPNs and firewalls, are no longer enough to prevent breaches, yet they are
still very much in use, especially in the industrial world. Critical infrastructure-energy,
manufacturing, transportation, communication, and more-is under attack. It is a
matter of national security that we modernize and adopt a zero trust
approach.
Unlike
traditional security methods that assume users within a network are inherently
trustworthy, the zero trust approach operates under the principle of
"never trust, always verify." This approach requires continuous
verification of each user's identity and actions, whether inside or outside the
network, ensuring no blind trust is granted at any stage.
In
Xage's line of work, where we are focused on critical infrastructure, It's
crucial to acknowledge that attacks such as the Change Healthcare and U.S.
Railway ransomware cyber attacks this year were entirely preventable. We must
ask why companies are operating on a decade-old cybersecurity strategy. It's
time for the industries that impact everyday people to incorporate strategies
prioritizing people's safety.
++
Pukar Hamal, Founder and CEO at SecurityPal
The
proliferation of AI over the past few years has introduced new cyber threats to
companies. As with any powerful tech, there's a trade-off between speed and
security: while AI helps companies achieve objectives quicker, it also
increases the scope for risk and attack. Organizations shouldn't shy away from
AI use altogether but rather do so with security and governance top of mind.
Establish a layered security approach - including encryption, behavior
monitoring, and automatic alerts for unusual activities - to defend your system
from cyber threats. At the same time, prioritize transparency in AI operations
across your teams, ensuring your entire organization understands how to safely
use AI and interpret its outputs. This is crucial for preventing AI misuse,
building trust with internal and external stakeholders, and stymying any cyber
threats associated with AI use.
++
Darryl Jones, Vice President, Consumer Strategy, Ping
Identity
Whether
it's logging into a banking app, making purchases online, or paying through a
mobile wallet, consumers use their digital identities every day, often multiple
times a day, to interact with businesses online. But this digital experience is
not always a pleasant, or easy, one. A majority of consumers (89%) have
complaints about passwords, with 61% admitting they have too many to keep track
of. To no surprise, over half (54%) have stopped using an online service
because they became frustrated when trying to log in.
Traditional
password-based authentication does not provide the most secure or seamless
experiences, two critical elements to earning consumer trust. Adopting a
mindset of ‘never trust, always verify' will not only help improve resilience
against emerging AI-based threats, but create a better overall digital
experience for consumers. This Cybersecurity Awareness Month, I encourage
organizations to explore the powerful combination of identity verification and
digital credentials to help create a more secure world.
++
Rakesh Shah, AVP - Product Management, LevelBlue
Cybersecurity
has become more dynamic and complex than ever before, due in large part to the
rapid proliferation of artificial intelligence (AI). In fact, 56% of C-suite leaders say that computing complexity has made it impossible to
assess how a cyber attack impacts the organization.
The
cybersecurity community - including vendors, security operations teams, and the
private sector - must remove the complexity from proper defense strategies.
During a time when threat actors are leveraging generative AI to write targeted
emails, impersonate public figures and personal contacts, as well as write new
malware, we must act quickly and collaboratively. The pendulum will soon swing
to the other side, as defenders and vendors invest in AI to counterbalance what
the malicious actors are doing. We need to simplify security and take a page
from the offense's AI playbook, not just this Cybersecurity Awareness Month,
but for years to come.
++
Kevin Bocek, Chief Innovation Officer at Venafi
Rise
of the machines is here! As Cybersecurity Awareness Month unfolds, new AI
technology from AI agents to AI coding assistants are here. But our new
superpowers will bring new threats. Opportunities for attackers to authenticate
at machine speed and uncertainty about the source and integrity of code have
already emerged. Recent research underscores a growing challenge: 83% of security
leaders report that developers are using AI to generate code, but 66% find it
difficult to keep up with these rapid technological advancements. With 92% of
security leaders expressing concern about the risks posed by AI-generated code,
we're going to find new paths ahead.
So
if the machine are here and security professionals are so concerned, what do we
do? Humans and machines have at least one thing in common: they both require
identities. We use machine identities to identify machine running and
communicating, use code signing to authenticate code from opensource. All of
this allows us to use the Internet, install apps on mobile devices, and fly
safely on today's latest digital aircraft. Applying these same machine
identity techniques - when secured - solve the challenges that AI agents to AI
coding assistants will present.
++
Kaarel Kotkas, CEO and Founder, Veriff
Cybersecurity
is no longer synonymous with the digital space. Today, our online and offline
worlds merge. The difference is related to scale-while one is global, the other
is local. Yet, security is crucial in both worlds to ensure the person you are
interacting with is precisely who they say they are. Research shows that
fraud is on the rise, with nearly half (47.8%) of online users encountering
some form of online fraud from January 2023 to January 2024. In light of this,
use cases to verify a person's identity online are expanding.
For
example, one of the ride-sharing platforms just announced rider verification
to ensure
the safety of rideshare drivers and passengers. Dating platforms also verify users to
ensure their authenticity, and businesses verify their customers' ages before
the consumer orders age-restricted goods via a delivery app.
Identity
verification and authentication is infrastructure for any industry, bringing
trust and security, not only to our online spaces but also to our offline
interactions.
++
Mike Lexa, CISO, CNH
Cybersecurity
Awareness Month is more than just a time to reflect on our nation's
cybersecurity preparedness across industries and organizations. October is also
a fitting time to acknowledge the immense opportunity that exists to cultivate
and develop new talent within a rapidly changing field. With advancements in AI
and other technologies, cybersecurity risks will only grow more prevalent in an
increasingly complex threat landscape. As cybersecurity experts, it's our
responsibility to create a space that fosters education and training for new
professionals, especially due to the existing cyber talent gap.
While
the need for cybersecurity talent is universal across all industries, unique to
the agriculture industry specifically, the security of farming operations
directly impacts our global food supply. For both the agriculture space and the
security industry as a whole, there is an urgency to address this pressing
need. This starts by providing the proper tools and training to support talent
growth, and by cultivating accessible opportunities to get involved in the
industry. By taking the time to develop and offer hands-on training and
education initiatives for present and prospective employees, organizations can
build a more skilled workforce that's readily able to defend against future
attacks.
++
Omar Khawaja, Field CISO, VP Security, Databricks
What I've found from talking to hundreds of security leaders
across the public and private sectors is that when it comes to generative AI,
many leaders are worried they don't know which risks to worry about. On top of
this, they also know that not investing in GenAI may pose a different kind of
risk-falling behind. Risks can range from training data poisoning to prompt
injection to model theft. And while there isn't a "silver bullet" strategy when
it comes to protecting against these threats, companies should focus on the
specific risks that matter most to each specific GenAI use case. This means
throwing the long list of potential-but ultimately, not relevant-risks out the
door and reviewing your deployment architecture, strategy and end goals for
incorporating AI.
To
help security leaders actionably manage AI risks, we've done extensive research
and developed the Data and AI Security Framework (DASF). This framework
includes considerations around AI system architecture, risk identification, AI
deployment models, mitigating controls and control deployment guidance.
Fear
- whether it's fear of missing out or fear of security risks - cannot drive
your AI strategy forward. Fear places you on the fringes of the AI spectrum,
and I believe there is a happy medium where your team is aligned on AI goals,
risks and opportunities. That middle ground is foundationally sound for strong
decision-making once you truly know how AI works inside and out.
++
Chaim
Mazal, CSO at Gigamon
Adversarial
AI is outsmarting current security defenses. To stay ahead, organizations must
gain deep, real-time visibility into all network traffic. Today, one in three breaches are
going undetected and of those that are
detected, only 25 percent of breaches are being detected in real-time. Given 93 percent of malware hides
in encrypted traffic, prioritizing deep
observability across your hybrid cloud infrastructure is mission-critical for
securing sensitive data.
++
Mark Wojtasiak, VP, Research & Strategy, Vectra AI
October
marks Cybersecurity Awareness Month, a crucial time to spotlight the
ever-evolving landscape of digital threats and the indispensable role of
Security Operations Centers (SOCs) in safeguarding our digital world. As cyber
threats grow more sophisticated and pervasive, SOCs serve as the frontline
defenders, tirelessly monitoring, detecting, and responding to potential
breaches with unmatched vigilance.
SOC
teams spend an inordinate amount of time on manual mundane tasks, like triaging
hundreds if not thousands of alerts a day, only to find they've spent hours
investigating false positive after false positive while real attacks fly under
the radar. The fact is, the traditional SOC model is broken - but what is the
problem upstream? Why do we have alert overload, false positives, bottlenecks,
blind spots, latency, and overworked analysts? I would argue it's the nature of
the attacks. Let's face it, SOC teams have more attack surface to cover meaning
more methods for attackers to infiltrate, evade defenses and progress their
attacks. Detection engineers try to keep pace by creating detection rules,
correlating them, tuning them, etc. but this workload is also manual, time
consuming and latency ridden.
Fortunately,
behavior-based AI-driven analytics enables security engineers to dramatically
streamline detection, correlation, and prioritization of threat events across
attack surfaces (endpoint, network, identity and cloud). The result - more
accurate integrated signal going to the SOC, and isn't that what we need to
transform the SOC? By aggregating data from various sources and utilizing
advanced tools and techniques, the SOC can quickly identify patterns and
anomalies that might indicate a true potential threat. Its round-the-clock
operation ensures that threats are detected and addressed in real-time,
reducing the window of vulnerability and minimizing potential damage.
++
Will LaSala, Field CTO, OneSpan
As
Cybersecurity Awareness Month unfolds, it's crucial to spotlight how
phishing-resistant technologies are revolutionizing defenses across multiple
industries. With 95% of security breaches resulting from human error, cyber
education is undeniably important, but it should not be the only line of
defense digital threats encounter. Advanced authentication protocols like FIDO2
and WebAuthn leverage public key cryptography to secure login processes. These
methods render stolen credentials useless to attackers, offering a highly
secure and user-friendly approach that goes beyond traditional security
measures.
With
digital agreements and
transactions now integral to business operations
and threats continuing to escalate, companies must focus on securing the
customer experience from end-to-end. By integrating advanced authentication
methods, organizations can ensure transactions and identities are verified,
mitigating the risk of credential theft. Combining these technologies with
ongoing user education provides a comprehensive defense, reinforcing our
cybersecurity infrastructure against evolving threats. This Cybersecurity
Awareness Month, let's champion these methods as the gold standard
in online security.
++
Ram
Mohan, Chief Strategy Officer, Identity
Digital
This
Cybersecurity Awareness month, I would like to highlight the critical role
domain registries play in securing the online ecosystem. They are the gateway
to secure and trusted online experiences. Without reliable registries, the
internet would lack the organization and accessibility needed for users to find
information online.
Unfortunately,
Domain Name System (DNS) abuse poses threats to the safety of this ecosystem,
and can lead to significant harm, including identity theft and loss of trust.
These threats can take the form of phishing, malware, pharming, botnets or
spam. Worse, when used as a delivery mechanism, DNS abuse doesn't just harm the
individual targeted, it reduces confidence in a single, interoperable
internet.
This
is where registry services focused on protecting and securing the DNS come into
play. Combating DNS abuse requires collaboration across various sectors.
Whether it be registries and registrars, hosting providers, or online
platforms, safeguarding the internet is a collective responsibility, and we
must ensure that the internet is a secure and stable environment for creators,
organizations, and businesses to connect with their audiences.
The
good news is that organizations worldwide are starting to see the importance of
DNS security. For example, emails are now secured using domain-based message
authentication, reporting, and conformance (DMARC), a technology that has
surged in use by 28% since 2020. With the advancement of Artificial Intelligence (AI), the
distinction between good and bad actors is further blurred. Responsible
organizations must collaborate and cooperate to ensure we stay ahead of the
next set of threats to cybersecurity.
++
James Hadley, CEO and Founder, Immersive
Labs
Over
the past year, we have seen significant cybersecurity events, such as
disruptions caused by supply chain, social security number, and Medicare
breaches that have highlighted how fragile our digital ecosystem can be. System
compromises and ransomware attacks have proven to be devastating to
organizations, costing businesses around 5 million dollars on average. These
various crises have once again proven that the status quo of traditional
cybersecurity certifications and awareness training is simply ineffective.
Rather
than offering realistic crisis simulations, many businesses are mired in the
same antiquated training over and over again, while the threat landscape has
continued to evolve. So, why are leaders still relying on a list of names of
employees who watched an outdated video to check the cybersecurity box? How can
we be confident in the skills of our cybersecurity professionals if we aren't
evaluating their hands-on skills based on data?
With
cyber drills, CISOs can prove and improve their organization's knowledge,
skills, and judgment against simulated attacks. These drills give leaders the
proof they need to better understand their organization's cyber capabilities
and shortcomings. In a world where a data breach or disruption is seemingly
inevitable and increasingly expensive, check-box awareness is no longer enough.
Hands-on, measurable exercising programs for specific individuals, teams, and
departments are essential in mitigating the impact of these events and ensuring
businesses' most sensitive data remains secure.
++
Matt
Psencik, Director, Endpoint Security, Tanium
A
key part of building any IT or Security program (and really any successful
organization) is avoiding single point of failure scenarios and getting
information from multiple differing sources. While what happened on July 19th
would not have been prevented by a company having multiple solutions, it does
show a weakness many security teams have by relying on one vendor for multiple
solutions.
When
working through designing my teams and educating others, I stress that having a
diverse set of security tools that can watch each other and feed from different
intel sources is always preferable if budget allows. Having multiple vendors
not only monitoring each other but providing slightly different capabilities
can be the difference in catching an adversary in the act and missing them for
months while they dwell in your environment using a new tactic.
One
tool might give incredibly detailed logs about what a process on a box is up to
on a single endpoint level but might be somewhat blind to broader and slower
attacks on the organization. This Cybersecurity Awareness Month, we need to
raise greater awareness around the fact that the world doesn't need one
platform, but a platform of platforms that provide differentiated capabilities
to address today's most challenging IT challenges.
++
Dale
"Dr. Z" Zabriskie, Field CISO at Cohesity
The
growing threat of ransomware and insider attacks has made data resilience more
critical than ever. According to Cohesity's Global Cyber Resilience Report, over 3100 IT and Security
decision-makers globally were polled and confirmed the threat of cyberattacks -
especially ransomware - continues to rise, with the majority of respondents
falling victim to a ransomware attack in the last six months, and most having
paid a ransom in the past year. A full 80% of those surveyed said they had
responded to what they believe to be AI-based attacks or threats within the
last 12 months. Organizations must have a multi-layered defense strategy to
combat these threats. Implementing solutions such as immutable snapshots,
encryption, and strict access controls is essential to ensuring critical data
is secure. Isolating backup data and employing advanced protections like
time-based locks can make the difference between a minor incident and a major
disaster. In today's threat landscape, being prepared with these layers of
defense is crucial for cyber resilience in the effort against both ransomware
and insider threats.
++
John Paul (JP) Cunningham, CISO, Silverfort
The
Snowflake, Change Healthcare, Okta, MGM, and U-Haul breaches all share
something. Compromised credentials were the golden ticket for hackers to get in
and access sensitive information from their environments. Despite all these
breaches overtaking headlines, identity remains the most vulnerable element of
the enterprise attack surfaces and has become one of the most frequently used attack methods.
While
there are protections, like multifactor authentication (MFA) that are a good
starting point, MFA cannot fully protect hybrid environments, a user, or an
enterprise from getting hacked. Recent identity security
research found that almost a third of all
user accounts are highly privileged non-human identities (aka service
accounts), which attackers target as they can be overlooked and hard to protect
with MFA. Visibility and the ability to take action is an organization's most
important line of defense and teams must address the security gaps in their
identity infrastructure to help prevent future data breaches. This means
incorporating solutions that can identify and isolate compromised users and
machines instantly - enforcing additional monitoring and protection measures on
privileged accounts, for example.
Without
better identity security tools, attackers will continue to succeed using
identity as a gateway to enter an environment. This Cybersecurity Awareness
Month, organizations must put more priority on identity security, adopting a
more holistic approach to stop and prevent widespread breaches/lateral
movement.
++
Anudeep Parhar, Chief Operating Officer, Entrust
The accessibility of AI has allowed cybercriminals to increase the scale of personalized cyber-attacks while simultaneously reducing the skill level required to launch them at scale. Emerging risks posed by AI-powered deepfakes, post-quantum cryptography, and synthetic identity fraud mean it’s no longer a matter of if, but when an organization will suffer a data breach, ransomware event or another type of cyber attack. Security and risk leaders need to shift their perspective and view cybersecurity in a new way. Instead of looking to the next big thing, focus on building a cyber-resilient organization with explicit operational capabilities that enable delivery of business outcomes despite cyber attacks.
In today's rapidly evolving threat landscape, a defensive strategy is no longer enough. It’s time to prioritize an offensive, Zero Trust approach of “never trust, always verify.” With this mindset, even if data is exposed, businesses can prevent threat actors from gaining access to sensitive data without first verifying who is trying to access the sensitive information. For this, identity is central, especially as we enter a new, digital, age where our driver’s licenses and even passports live on our devices. Zero Trust is not a product or a solution, but a holistic approach that leverages multiple security controls and technologies to verify every request, enforce granular policies, and monitor all activities across the organization. A successful Zero Trust transformation requires not only technical changes but also cultural and organizational changes.
++
Jay Mar-Tang, Field CISO at Pentera
Cybersecurity Awareness Month is a time to reflect on the past year and prepare for the future. As security professionals, we are often overwhelmed by the “tyranny of the urgent”, yet taking a step back to strategize what we can do better in an ever-challenging threat landscape can challenge us to think outside of the box. Is our current strategy leaving any gaps in our posture? Do we even have the ability to find these gaps in the first place?! This is where continuous testing can dramatically help us understand our posture. Similar to martial arts, conducting drills and real-life pressure testing can ensure we are ready when reality strikes.
Adopting the continuous threat exposure management (CTEM) framework is like practicing your moves regularly; it sharpens your skills and prepares you for unexpected attacks. CTEM allows you to evaluate your risk posture effectively, properly prepare your resources, and prioritize critical areas of exposure across the enterprise. Integrating this approach into your cybersecurity strategy ensures real-time detection and quick responses to threats, just as a martial artist stays alert and adaptable to many different types of threats.
++
Yariv Fishman, Chief Product Officer, Deep Instinct
As October ushers in Cybersecurity Awareness Month, it’s important to spotlight the rapid advancement in generative AI and its implications for data security. This technology has transformed the market and opened new avenues for innovation. However, alongside its benefits, generative AI also presents unique cybersecurity challenges. In fact, 97% of security professionals are concerned that their organization will suffer an AI-generated security incident.
The weaponization of AI is advancing at an alarming rate, enabling attackers to produce new malware variants faster than ever. Traditional security mechanisms that rely on machine learning (ML) already struggle to defend against novel, unknown threats. And as AI-driven attacks become more sophisticated, existing defenses are increasingly inadequate.
However, the good news is that real-time prevention is possible to compact ongoing zero-day data security threats. This requires a shift from the defeatist "assume breach" mentality to a prevention-first mindset. Business leaders must fully adopt deep learning, the most advanced form of AI, to combat AI threats. Only deep learning provides robust protection against sophisticated AI and zero-day threats while ensuring real-time explainability, allowing organizations to understand and respond to threats as they arise. By integrating these technologies, we can safeguard the world’s most valuable asset—data—against evolving risks and enhance our overall cybersecurity posture.
##