Virtualization Technology News and Information
Article
RSS
National Cybersecurity Awareness Month 2024: Industry Experts Share Their Thoughts

NCSAM 

National Cybersecurity Awareness Month (NCSAM) is an annual campaign held in October to raise awareness about the importance of cybersecurity and to encourage individuals and organizations to take steps to protect themselves from cyber threats.

This year's NCSAM theme is "Secure Our World." This theme recognizes the importance of taking daily action to reduce risks when online and using connected to devices.

To celebrate NCSAM and to help our readers learn more about the latest cybersecurity trends and threats, we have reached out to a number of industry experts to get their thoughts on the upcoming campaign.

We hope that this article will help you to learn more about cybersecurity and to take steps to protect yourself and your organization from cyber threats.

++

Darren Guccione, CEO and Co-Founder, Keeper Security

October 2024 marks the 21st anniversary of ‘Cybersecurity Awareness Month'. However, over the past two decades, as we've witnessed a surge in cyber attacks and the continued emergence of new and evolving threats, it's become increasingly clear that awareness alone is not enough. A recent survey revealed that a staggering 92% of IT and security leaders have reported an increase in cyber attacks year-over-year.

It's time for us to move from awareness to action.

So, how can we transform Cybersecurity Awareness Month into Cybersecurity Action Month? The key lies in prioritizing straightforward, yet often overlooked, cybersecurity best practices.

One effective strategy is deploying a Privileged Access Management (PAM) solution, which enhances security by controlling access to sensitive systems and data. This reduces the risk of unauthorized access and data breaches, and minimizes the impact of a breach if one occurs.

Additionally, creating strong, unique passwords for each account remains a critical first line of defense against unauthorized access. Utilizing a password manager can significantly improve security by generating and storing high-strength, random passwords for every website, application and system. Strong and unique passwords help prevent the domino effect in which the compromise of one account leads to further unauthorized access.

When selecting a password manager, look for providers that offer transparent security architecture, zero-knowledge and zero-trust infrastructure, and hold certifications like SOC 2, ISO 27001, 27017 and 27018, as well as FedRAMP Authorization. This ensures the highest level of protection for your sensitive information.

Don't get hacked. This Cybersecurity Awareness Action Month, let's commit to proactive measures and adopt fundamental cybersecurity practices to significantly reduce our vulnerability to cyber threats.

++ 

Jason Mafera, Field CTO of IGEL

For too long companies have been reactive in trying to defend themselves against compromise. It has failed. To effectively combat cyber incidents, organizations need a fresh perspective, based on a preventative security model that takes a security-first approach rather than leaving security as an afterthought. We need to limit data storage at the edge, reduce the attack surface as much as possible and enable rapid recovery – all without compromising user experience.

Organizations also need to better address cybersecurity and recovery relative to their end user-facing endpoint devices – one of the biggest gaps in many cyber resilience programs. Most organizations have robust recovery plans that cover their centralized infrastructure and data. But they often overlook the time and effort required to recover their end user devices. That’s problematic both because end user endpoints are labor intensive to clean, reimage and redeploy as part of a recovery effort and because, in today's distributed world, user endpoints may also need to be collected and redistributed. There is no such thing as perfect security, but devices that are secure by design and leverage a preventative security model make recovery easier, less labor intensive, and non-impactful to end users and business.

++

Sterling Wilson, Field CTO, Object First

Here we are at Cybersecurity Awareness Month once again, and the progression of cyber incidents show no signs of easing. Phishing, intrusion and other types of attacks are happening more rapidly than ever (every 39 seconds or 2,200 a day in 2023), and the attacks continue to increase in sophistication as AI is leveraged more and more.
 
Access to clean backup data is the essential component in any Resilience Plan, yet a recent report shows, despite making investments in tech like AI, resiliency readiness in most organizations remains low. Some argue that leveraging AI simply broadens points of vulnerability, complicating the issue they intended to solve. In a world where the induction of AI into everything seems inevitable, where does one start when building their resilience plan? Enter Zero Trust Data Resilience (ZTDR). ZTDR directly addresses data backup and recovery systems within the Zero Trust paradigm. It includes extended principles, a reference architecture, and a set of principles that enhance your security posture. In the ever-changing world of cybersecurity, ZTDR provides a path to data reliability. So… do the expanded threat surfaces introduced by AI outweigh the benefits of implementation? That’s a debate for another time. First, let’s secure that data.

++

Martin Zugec, Technical Solutions Director, Bitdefender

As we mark another Cybersecurity Awareness Month, our advice remains consistent: Focus on defense-in-depth and multilayered security strategies. This year, however, the stakes have grown higher. Threat actors are now exploiting vulnerabilities within hours of discovery, indiscriminately targeting companies and industries, which has led to a surge in attacks.

The emergence of new ransomware groups – driven by internal conflicts within the ransomware-as-a-service (RaaS) ecosystem – adds to the urgency. These newer groups, often operating with fewer moral constraints, present a significant threat to organizations of all sizes.

In a recent survey, over half (57%) of security professionals stated they experienced a data breach or leak in the last year. As cyberattacks evolve, businesses must shift from exclusively relying on reactive defenses to more proactive strategies that reduce their overall attack surfaces. This involves implementing patch management and other preventative measures, coupled with endpoint security solutions like extended detection and response (XDR), and considering managed detection and response (MDR) services to address resource gaps and ensure comprehensive cybersecurity.

While Cybersecurity Awareness Month offers an opportunity to spotlight ongoing challenges, the reality is that strong security requires everyday commitment. By adopting multi-layered and proactive strategy, businesses will significantly reduce their risk and improve cyber resilience in the event an incident occurs.

++

Phil Swain, CISO, Extreme Networks

This Cybersecurity Awareness Month, I urge IT professionals to remember that managing the network and cybersecurity are no longer separate tasks. Many areas of IT are converging, and security solutions can't be bolted onto infrastructure as an afterthought; organizations must make every technology decision with security in mind. One way to help address this is to adopt Zero Trust Network Access (ZTNA) strategies and solutions. ZTNA enables IT teams to continuously verify users and limit network access based on identity and context. By ensuring consistent security measures across users, devices, applications, and IoT endpoints, ZTNA solutions can help reduce the risk of security breaches and while also reducing complexities associated with juggling multiple solutions and addressing gaps in security. The network is the connective tissue of all technology used across an organization, so by ensuring security is integrated into network management and user access, IT teams can optimize resources while creating a foundation for holistic security practices and an overall stronger security posture.
 
Cybersecurity Awareness Month is also a great time to underline the importance of security awareness for employees and network users. IT teams can take all the necessary steps, but security can still be impacted if an employee falls for a phishing scheme. For enterprises and other organizations, this month is a great time to educate employees on ways they can avoid falling into common traps and instead become an asset to your security organization. Not only does this benefit the business, but it also enables employees use these skills in their personal lives and educate friends and family members to help them avoid falling for scams targeting individuals. We all use technology at work and at home, so having some cybersecurity awareness is important for everyone.

++

Nitin Singhal, VP of Engineering - Data, AI, and Integrations at SnapLogic

Meeting the pace of GenAI security by shifting left in architecture design

Security isn't a final checkpoint; it's the foundation of product philosophy. Integrating security from the outset is crucial to mitigate costly reputational damage post-launch. If these controls are not pushed to the left and are after-thoughts, the damage is already done, and we might have breached regulatory boundaries and user trust. To avoid such a situation, you should define architectural tenets to ensure metadata collection, auditability, and digital asset inventory as part of regular software development.

GenAI commoditizes technology access by pushing new technology into the hands of almost everyone at a company. While this has many benefits, the responsibility to meet security measures grows exponentially. Leaders must ensure robust safeguards at every potential vulnerability point, balancing innovation with protection. In this new landscape, security isn't just an IT concern—it's a company-wide imperative that shapes our digital future.

The industry's AI adoption FOMO is leading to security and compliance risks

Don't let FOMO drive your GenAI strategy; ensure it's built on a foundation of compliance, transparency, and trust—because in the race to innovate, knowing where your data flows is as crucial as the innovation itself. GenAI is not very different from how we think about AI security, but there is a subtle difference: LLMs do not have a delete button. Once data lands in the public LLM model, it is irreversible and cannot be deleted. So as an organization, you have to consider regulations like GDPR, and it’s crucial to know where the data is coming from and going to. You must know if the models are auditable and if they're not going to introduce any biases or lead you to a situation that causes you to not be compliant. Please note that it is not just about regulatory compliance but also user trust.

A well-architected system minimizes dependency on customer data and maximizes the metadata that they collect at the lower granularity. These principles enable engineers to build systems where you can configure current and future controls rather easily. Otherwise, whenever there is a new law, you have to stop what you are doing and set up a new team to build controls on top of the already tangled web of data. Businesses don’t want to be in a state where they don’t know where the data comes from (lineage). Think about tangled wires going to and from the circuit board to the switchboard. If you don’t have a clear indication of which one turns on the switchboard, you could be at risk or at fault for a security or compliance violation.

++

Raj Ananthanpillai, Founder & CEO, Trua

Insider threats are growing in prevalence and cost, with incidents now averaging $4.99 million, according to IBM’s Cost of a Data Breach report. These threats often go undetected until it’s too late, which is why traditional security models are failing.

To combat this, Continuous Evaluation (CE) is no longer just a nice-to-have—it’s an imperative for safeguarding your business. CE provides continuous, real-time monitoring of behaviors, access patterns and data transfers, identifying anomalies before they escalate into damaging incidents. This proactive, ongoing evaluation of risks helps organizations detect and mitigate insider threats before they reach a critical point.

CE isn't just about passive observation—it actively works to identify patterns that signal potential risks and takes preventive measures in real time. Unlike static, one-time assessments, CE frameworks operate around the clock to safeguard your most valuable assets. While AI plays a supporting role by enhancing the depth and accuracy of risk detection, the foundation remains the prescriptive, always-on monitoring that CE offers.

The future of security is proactive, not reactive. Continuous Evaluation is the foundation of that future.

++

Al Pascual, CEO, Scamnetic

It's Cybersecurity Awareness Month, but let's skip all the cliches and get down to brass tacks: your cybersecurity awareness training isn't working.  You may argue that your employees are paying closer attention to their emails, etc., and that is not wrong, but it's not great either.  Employees still get phished or scammed, leading to fraudulent payments, or worse yet, a foothold for ransomware attacks.  Alternatively, they may worry that something in their inbox is malicious, so they pick up the phone and call - which is what you want, right?  Not quite.  What you want is for them to not fall for a social engineering attempt, but you don't really want people spending their time confirming a communication with another communication.  Just as we worry about security analysts getting alert fatigue, our employees are getting educational fatigue.  Employees cannot be expected to interrogate every communication they receive accurately all of the time. It is inefficient and ineffective.  We automate everything else, but why not this?

++

Sam Peters, Chief Product Officer, ISMS.online

One of the biggest challenges organizations face is managing third-party risk (according to the State of Information Security Report), with 79% of businesses affected by a cybersecurity incident caused by a third-party or supply chain partner. Threat actors increasingly exploit weak links in the supply chain, highlighting the need for robust vendor and supplier management processes.
 
To mitigate this risk, organizations should adopt comprehensive frameworks like ISO 27001, which offers a structured approach to safeguarding supplier relationships. Key policies include:

  • Risk assessments (6.1) to identify and mitigate vulnerabilities.
  • Classification of information (A.5.12) to ensure that sensitive data is properly secured.
  • Supplier relationship security (A.5.19 to A.5.22), which covers embedding security into supplier agreements and actively monitoring them to prevent breaches.

In addition to supply chain management, the “human element” remains a prime target. Investing in employee education and awareness is critical. A strong information security program must prioritize ongoing training.

++

Kurt Markley, Managing Director Americas at Apricorn

The Cybersecurity Infrastructure Security Agency (CISA is correct that organizations should focus on recognizing phishing attempts, using strong passwords, turning on MFA and patching/updating software to thwart cyber-attacks. The issue is that these excellent defensive tactics don’t prevent every attack from becoming a successful breach.

As we roll into Cybersecurity Awareness Month, we are reminded to ensure our cyber resilience plans are documented, enforced and utilized all year long. When a data breach happens, organizations must be able to access, recover and restore complete copies of their data. It was just earlier this year that Change Healthcare, which has robust cybersecurity programs in place, had 4TB of data stolen, paid a $22 million ransom and still likely did not get back all their data assets.

The best way to remain resilient about data is to embrace the 3-2-1 rule, which is a simple yet effective best practice. It calls for organizations to maintain three copies of data, in two different formats with at least one dataset kept offline and encrypted. By doing so, data might be stolen from one location but remains intact in another.

Additionally, we encourage organizations to regularly audit their cloud data and identify what assets can be removed and stored offsite on encrypted devices. By doing so, they reduce the attack surface of available data and reduce their long-term storage costs. Why pay rent for archival data storage in the cloud when you can own a secure storage device? 

++

Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint

This coming year, organizations will continue to be challenged with balancing AI innovation with secure implementation – all while navigating an increasingly complex regulatory landscape. The market for AI technology is moving incredibly fast, with new open-source tools being created and spread every day. In 2025, global governments will look to increase regulation around AI tools, to ensure that the technology is being used ethically and safely by organizations and citizens alike. To prepare for tighter regulations around AI use and creation, security leaders should urgently prioritize the adoption of a comprehensive data strategy, including robust data management, governance, and protection policies. Effective AI implementation is only as good as the quality of data used – everyone now needs a data strategy for AI use, whether they’re ready to implement the tech company-wide or not.

AI technology has tremendous potential to be used for innovation, optimization and advancement – but on the other side of the coin, bad actors will also be using these tech advancements to carry out cyber-attacks. CISOs and security leaders should keep in mind that security is everyone’s job in the organization. This Cybersecurity Awareness Month, all employees should take the opportunity to educate themselves on how AI is using their data, how the changing regulatory environment will affect their use of the tech, and what cyberthreats pose danger to their teams.

++

Shane Cox, Director, Cyber Fusion Center at MorganFranklin Consulting

Many organizations measure superficial metrics like the number of blocked attacks or number of incidents, but they don’t focus enough on metrics that provide real insights into security posture and evolving risk. Many organizations already track Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), and dwell time (how long an attacker is inside the network before detection). These metrics help assess how quickly a threat is identified and contained, directly impacting risk management. However, beyond this basic set of measurements organizations should implement continuous attack surface monitoring, vulnerability scanning, and risk scoring, so they can get a dynamic view of the environment’s risk exposure. Building on this second set of measurements with threat intelligence is key. For example, many organizations see perimeter scanning from the internet as noise instead of telemetry. By capitalizing on material threat intelligence, security professionals can evaluate changes in scanning behavior attributed to known threat actors from correlated sources. This helps identify when typical reconnaissance transitions to target specific applications or infrastructure.

Additionally, organizations frequently collect security data without tying it back to business goals. Security metrics should be aligned with business objectives to demonstrate how cybersecurity directly supports business continuity, and outcomes, and minimizes financial impact. Defining specific security KRI and KPI metrics allow cyber security programs to be an enabler and key input to business intelligence can also lead to more effective and proactive strategic decision making.

++

Stephen Gates, Principal Security SME, Horizon3.ai

While CISA’s advice, such as using strong passwords, enabling multi-factor authentication, and updating software is a solid starting point for enhancing cybersecurity, it does not fully address the sophisticated cyberattacks we are observing today. Cybercriminals are continually refining their techniques, often exploiting weak points that traditional, static defenses can’t cover.

To stay ahead, organizations need to assess their risk using the same tactics, techniques, and procedures (TTPs) that attackers use. Organizations must move beyond static defenses and adopt proactive, continuous risk assessments, simulating these very same TTPs to uncover exploitable vulnerabilities and weaknesses before attackers can.

Autonomous penetration testing solutions are becoming a standard so organizations can continuously assess their risk. By using the same strategies attackers use, organizations can validate their defenses and ensure their systems are prepared for what comes next. It’s no longer about adhering to basic safeguards—it’s about testing your security every day, the way an attacker would.

++

John Prisco, CEO of SafeQuantum and Consultant for Toshiba
 
The battle for cyber security awareness has grown exponentially over the past decade. Initially, the task of updating software patches was the beginning of basic cyber hygiene (known as Patch Tuesday). Diligence in maintaining software at its latest version was rewarded with preventing vulnerabilities.  Failure to maintain was responsible for some of the most spectacular software failures.  
 
As we approach the availability of cryptographically relevant quantum computers (CRQC) the job of securing our sensitive information has become infinitely more complex. While there is no such quantum computer today, an error corrected version of a quantum computer is likely to be available by 2030, thereby reaching CRQC status. Securing sensitive information is no longer as easy as practicing good cyber hygiene. Now we must have a new encryption approach which no longer can depend on Diffie Hellman’s public key cryptography; we will have to defend against the quantum threat with quantum tools. These tools include the recently standardized PQC algorithms from NIST and the quantum information science approach of QKD.
 
PQC alone exposes the user to an approach which does not offer information theoretic security. Without such security PQC algorithms can be exploited given enough computer power and enough time. On the other hand, QKD does offer information theoretical security.  With QKD an adversary can have unlimited computer power and infinite time but will still fail at decrypting a QKD protected data stream.  Therefore, we recommend a hybrid approach which combines the power of QKD and PQC. To avoid using both will prove to be the quantum age equivalent of poor crypto hygiene.

++

Marshall Heilman, CEO, DTEX Systems

Insider threats are one of the most overlooked yet significant business risks for organizations today. Insider-related data loss and threats are more common than many realize: all insiders pose risk to organizations, but the threat comes from negligent, malicious, or compromised user activity. Recent research by the Ponemon Institute and DTEX Systems reveals the average annual cost of an insider incident has soared to $16.2M—a 40% increase over the last four years.
 
It is critical to understand that insider threats aren’t going away; rather they are escalating due driving forces like the current election cycle, the rapid expansion of AI, remote work, and nation-states and cybercriminal groups extorting or purchasing access to IP and user accounts from insiders. Companies and governments must take a proactive approach to managing insider risk to ensure the safety of their business and people.

++

Prakash Mana, CEO of Cloudbrink
 
As the threat landscape grows increasingly complex, driven by AI-enhanced attacks and Cybercrime-as-a-Service, traditional security measures won’t keep pace. The transition to flexible work-from-anywhere models adds complexity and increases vulnerabilities as employees operate beyond the traditional network perimeter.

Here, new innovations like Automated Moving Target Defense (AMTD) and Personal-SASE become crucial. AMTD thwarts attackers by continuously changing the attack surface, making it almost impossible to find vulnerabilities to exploit. Meanwhile, Personal SASE left-shifts security to the user ensuring secure, granular access, even in unsecured environments.

Embracing these innovations will result in operational and security benefits. The long-promised convergence of security and networking should remove much of the complexity from IT operations and close the security gaps it creates. Expect also to see the today’s dual strategies for office based and remote workers replaced by one zero-trust architecture and policy for all, resulting in better security and lower OpEx. 

++

Sam McMahon, IT & Security Senior Manager, Valimail

The end of the year is a great time to update and review cybersecurity posture. As we look towards 2025, it’s critical that all companies establish and add AI usage policies to their cybersecurity playbook.

Employees will (and should) seek ways to incorporate AI into daily tasks, but without the proper guidelines in place, this evolving technology can expose a business to unnecessary risk. A well-defined policy empowers employees to leverage AI for increased efficiency, while providing expectations for how and when this emerging technology should be used. This is especially important when it comes to leveraging AI for handling sensitive information.

It is equally important to look into the AI policies of current and potential third-party vendors to understand how your data flows through these systems or how it might be used to train AI future models. AI holds immense potential, but requires a risk-based approach like any technology or vendor a business relies on.

++

Steve Wilson, Chief Product Officer at Exabeam

Over the past year, the advent of generative AI has shifted the cybersecurity landscape drastically for both attackers and defenders. Threat actors are leveraging AI to deploy more sophisticated, AI-driven attacks that are increasingly difficult to detect. Security professionals are now tasked with finding ways to harness generative AI for defense, staying one step ahead of these evolving threats.

This Cybersecurity Awareness Month serves as an important reminder to reflect on how the threat landscape has evolved over the past year and to identify key trends we continue to observe. While technological innovation often takes center stage, this month encourages us to prioritize security at every level: individual, organizational, and executive leadership.

As security professionals, we continue to advocate for strengthening cyber hygiene practices, particularly in safeguarding credentials. This Cybersecurity Month, in particular, organizations should consider investing in AI-based solutions that can detect deepfakes and malicious activities as we see an increase in offensive AI. We must remind organizations, customers, partners, and individuals to stay vigilant about the persistent dangers posed by weak passwords and outdated authentication methods. Now is the time to act and begin fostering a culture of security awareness, implementing strong defenses, and ensuring that security remains a priority long-term.

++

Paul Laudanski, Director of Security Research at Onapsis

With the theme “Secure Our World,” Cybersecurity Awareness Month serves as a reminder of the vital role cybersecurity plays in our everyday life. Whether you are tuned into it or not, we are surrounded by defenses designed to protect us and the digital tools and programs we use daily. Take a second to reflect on how many passwords you have created for countless online accounts. Now consider how many of those passwords are reused. This month encourages us to reflect on our online safety and assess our defense against cyber threats. Just as April brings spring cleaning, October marks the perfect time for cybersecurity hygiene or online cleaning if you will.

Now is the time to ensure your passwords are strong and unique, multi–factor authentication (MFA) is enabled, and you remain vigilant against phishing attempts, whether they come through email, SMS, or phone calls. Threat actors continue to evolve, using AI to create increasingly sophisticated and convincing attacks, which makes staying alert more critical than ever.

Since 2021, ransomware incidents targeting SAP systems, a critical backbone for many organizations, have surged by 400%. These systems house some of the most sensitive business data, making them an attractive target for threat actors.

Cybersecurity Awareness Month serves as a timely reminder for organizations to take a proactive approach in security of their environments, starting with these foundational systems. It’s essential to bolster defenses around ERP systems, ensuring regular assessments, patch management, and threat monitoring. Now more than ever, cybersecurity isn’t just an IT concern, but a business imperative. Whether you’re protecting personal accounts or security critical enterprise systems, this month is the time to review your defenses and make sure you're geared up to take on these evolving threats.

++

Bala Kumar, Chief Product & Technology Officer of Jumio

The threat of AI-generated deepfakes is more pressing than ever, with 72% of Americans worrying about the potential for this technology to influence the upcoming election . Deepfakes can erode public trust by spreading misinformation and influencing key events, making robust digital security critical not just for businesses but for the integrity of democracy itself.

Cybersecurity Awareness Month comes at a critical time to highlight the urgent need for advanced identity verification to combat increasingly sophisticated cyber threats.

Traditional tools like multi-factor authentication (MFA) are no longer enough, especially as generative AI enables cybercriminals to launch more convincing phishing attacks, create synthetic identities, and produce deepfakes. AI-powered biometric identity verification and liveness detection provide a critical layer of protection, empowering businesses to stay ahead of these evolving risks while educating consumers about the dangers of AI-enabled fraud.

This month serves as a reminder that fighting cyber threats requires a forward-looking approach, leveraging cutting-edge technologies to protect both organizations and individuals in an increasingly digital world. Staying secure means fighting AI with AI.

++

Andrew Costis, Chapter Leader of the Adversary Research Team, AttackIQ

As we enter the 21st year of Cybersecurity Awareness Month, the theme “Secure Our World,” emphasizes the critical need to protect against online threats from both individual and organizational perspectives. With the digital landscape rapidly expanding, especially with the increasing prominence of AI, it’s more important than ever for individuals to be equipped with practical tips to navigate the online world safely and confidently.

At an organizational level, as the cybersecurity community shifts from a fortress mentality of “network defense” to a “threat-informed response” approach cybersecurity practitioners need to utilize all the resources around them to set themselves up for success. This includes testing their systems against these threats and adopting more of a more proactive security stance. Reactive cybersecurity is no longer sufficient.

The MITRE ATT&CK Framework provides invaluable insights that help organizations across industries strengthen their defenses and stay resilient against cyber threats. By testing against the known tactics, techniques, and procedures (TTPs), and emulating these attacks, organizations can gain valuable insights into their systems responses, maximizing efficiency and pinpointing any vulnerabilities.

++

Jason Kent, Hacker in Residence, Cequence Security

This year’s theme for Cybersecurity Awareness Month is ‘Secure Our World,’ which recognizes the importance of taking daily action to reduce risks when online and connected to devices. APIs are the backbone of all connected devices, from your car to your bank to your online shopping cart. Understanding this interconnectedness is key. Without a strong security foundation, organizations risk facing serious financial and reputational damage from stolen data and forced downtime.

Recent research from Cequence shows a 96% surge in attack traffic targeting retailers in just one weekend this year. The threat of malicious bots looms large across all sectors, and they aren't just stealing concert tickets. These sophisticated tools can cripple entire networks and provide a gateway for hackers to wreak havoc.

Education is our most powerful weapon in the fight against cyber threats. October, with its Halloween ambiance, serves as a chilling backdrop for Cybersecurity Awareness Month. It's a time to reflect on past breaches and remember that the dangers lurking in the digital shadows are all too real. Let's use this month to empower ourselves with knowledge and fortify our defenses.

++

Steve Cobb, CISO, SecurityScorecard

This past year has highlighted the growing threat of supply chain breaches. In February, Change Healthcare, a leading healthcare technology provider, suffered one of the largest cyberattacks in U.S. healthcare history, affecting millions of individuals and countless organizations nationwide. In June, CDK Global, a SaaS provider for car dealerships, experienced a breach that impacted dealerships across the country. These incidents pinpoint the inherent vulnerability of third-party providers and single points of entry. Recent SecurityScorecard research found that 99% of Global 2000 companies are directly connected to a supply chain breach.

Cybersecurity Awareness Month provides a timely opportunity to reflect on what it means to be cyber resilient. It's not just cyberattacks that can affect organizations; many factors can lead to disruptions, breaches, and availability issues. As an industry, we must adopt and champion a cyber resilient mindset to better prepare for and recover from these challenges.

Security starts at the individual level by adhering to basic cyber hygiene practices. As we look at it from an organizational scale, top-down strategies are essential to managing cyber risk. The most important reminder that I can share this month is the value of securing not only your organization but also your third-party providers as well. Even if you've checked all the boxes and strengthened your internal defenses, a weak link in your supply chain can lead to the same outcome—disruptions and denial of access to critical systems. Understanding and addressing concentrated risk isn’t just about preventing downtime; it’s about protecting the very foundation of our interconnected economy. By thoroughly evaluating third-party risk, you can effectively limit your attack surface and lock down any side doors created by third-party applications.

++

Howard Goodman, Technical Director, Skybox Security

This year’s Cybersecurity Awareness Month theme, “Secure Our World,” encourages everyone to take simple steps to protect themselves, their families, and their businesses in an increasingly connected world. With a new Common Vulnerability and Exposure (CVE) emerging every 17 minutes, the sheer volume of threats can overwhelm even the most prepared security teams, making the challenge seem daunting.

The rising volume of threats is particularly challenging for organizations dealing with siloed network and security teams. Skybox’s Breaking Down Exposure Management Silos: Confronting the Network-Security Disconnect report recently found that 55% of security decision-makers are moderately or very concerned about the risk of a security incident due to a lack of collaboration between network and security teams.

The convergence of security and network operations is an existential imperative, and true collaboration requires more than conversation – it demands a unified approach to network and security management. This year’s awareness focus is a reminder that organizations must adopt a comprehensive, multi-layered cybersecurity strategy. This approach simplifies risk reduction by focusing on key areas such as the accessibility, exposure, and exploitability of assets.

++

Renuka Nadkarni, CPO, Aryaka

Cybersecurity Awareness Month and its theme, “Secure Our World,” is an opportunity for organizations to take a step back and evaluate their methods for protecting their data from cybercrime.
 
The challenges for today’s enterprises and IT teams are immense: a fiercely competitive global landscape, distributed workforces and workloads, and the persistent threat of cyberattacks. The rapid adoption of AI and GenAI adds another layer of complexity. Enterprises leveraging AI for innovation often face significant networking and security challenges in delivering these workloads efficiently and securely at scale.
 
AI is driving the next generation of network infrastructure and security requirements for organizations. As enterprises move to the next phase of Gen AI applications, Retrieval Augmented Generation (RAG), they will increasingly connect LLMs to their legacy applications and data stored across their networks. This raises the bar on the converged networking and security requirements needed for these applications to deliver value, making the transition from fragmented security architectures to a unified, single-pass model essential.
 
Like all moments of significant change, there will be winners and losers in the AI innovation race. Those that will come out ahead are the ones with the strategies in place to bring networking and security services into a single platform, achieving an integrated solution that increases network scalability, agility, and security.

++

Nick Tausek, Lead Security Automation Architect, Swimlane

Whether you’re a seasoned security professional or someone who, like most of us, spends countless hours in front of a screen daily, it’s crucial to take a step back and evaluate how we protect our sensitive information -- both personally and within our organization.

Cybersecurity Awareness Month coincides with the spookiest time of the year-- a month when we’re reminded of the world’s horrors, and this doesn’t mean ghosts or witches. The true danger comes from increasing cyber threats including attackers’ use of AI and sophisticated tactics to outmaneuver defenses.

This month serves as a stark reminder for organizations to remain vigilant in their cybersecurity efforts. While 92% of organizations reported an increase in their allocated budgets, indicating that security is top-of-mind for CISOS, the ever-evolving threat landscape means there’s no time to ease off the accelerator.

For security teams, this month offers an opportunity to reassess your cybersecurity posture, ensuring you adopt a proactive approach to combat emerging threats. This includes the use of automated platforms to centralize incident detection and response, increasing efficiency in responding to threats. For individuals, it’s a chance to strengthen their personal defenses. Ensure you’re using strong, unique passwords and enabling multi-factor authentication. If you think using your pet’s name is unique, it’s time to rethink your passwords and prioritize security hygiene.

++

Max Gannon, Intelligence Manager, Cofense


Cybersecurity Awareness Month, with the theme Secure Our World, highlights four fundamental cyber hygiene practices to stay safe online: using strong passwords and password managers, enabling multi-factor authentication (MFA), keeping software updated, and recognizing and reporting phishing attempts.

While all these practices are critical for maintaining security at an organizational level, phishing recognition and reporting deserve extra emphasis. Strong passwords, MFA, and up-to-date systems can be rendered useless as a defense if a threat actor is able to bypass them with a single phishing email. That’s why the most important step an organization can take to protect themselves is to implement robust security awareness training for employees. It only takes an individual to click one convincing link for an organization to be breached.

In 2023, credential phishing increased by 67%, with a noticeable increase in phishing campaigns bypassing Secure Email Gateways (SEGs) every minute. The rise of AI-generated phishing emails, which are more realistic and personalized, has significantly shifted the threat landscape in favor of offensive AI, often outpacing current defensive AI measures. This is where human intelligence becomes indispensable. Employee education serves as the cornerstone of a strong organizational defense. By leveraging insights from real-life, industry-specific phishing threats, training can effectively mitigate these attempts, reducing the risk of a single malicious email slipping through the cracks.

++

Nicole Carignan, VP of Strategic Cyber AI at Darktrace

As AI systems become embedded into the tools and processes organizations depend on every day, AI safety must be a critical focus during this year’s Cybersecurity Awareness Month. Simply put, trustworthy and reliable AI cannot exist without strong cybersecurity.
 
Cybersecurity leaders must be embedded in an organization’s AI journey from the beginning to ensure AI is deployed in ways that keep it reliable and secure. We must focus on applying cybersecurity best practices to protect models and invest in safeguards to keep AI systems protected at all stages of the AI lifecycle, to avoid unintended behaviors or potential hijacking of the algorithms. That includes securing the environment in which the AI models are deployed, ensuring the models are continuously monitored and protected, and putting in place processes and procedures to ensure they are used safely and appropriately.  
 
Organizations must also integrate AI training and awareness into broader cybersecurity awareness programs– ensuring employees understand the different use cases for AI, and how to use those to their advantage without introducing risk, such as unintentional data leaks, inaccurate use cases, or privacy violations. A large portion of AI safety is AI security and data security. Training should continue to emphasize secure, safe and compliant access and use of data, especially in interacting with models and produced synthetic data.

++

David Hervieux, CEO of Devolutions

As we observe Cybersecurity Awareness Month, the theme "Secure Our World" highlights the shared responsibility in protecting the digital realm. In today’s complex environment, organizations must adopt proactive defense strategies, balancing security with productivity. IT professionals shouldn’t have to choose one over the other – true cybersecurity should enhance, not hinder, an organization's efficiency.

Effective cybersecurity is like solving a puzzle, where the alignment of tools, policies, and people creates real protection. Robust security measures require tailored solutions, continuous training, and regular updates to stay ahead of risks. Achieving this balance is key to maintaining productivity without compromising safety. The rise of AI brings both opportunities and challenges, enhancing threat detection while introducing new vulnerabilities. Strong governance and data protection are crucial to prevent misuse and protect privacy.

Ultimately, securing our world requires a dynamic approach that evolves with the landscape. By balancing productivity and security through collaboration and responsible tech use, we can create a safer, more efficient digital environment for all.

++

Grayson Milbourne, Security Intelligence Director, OpenText Cybersecurity

Cyber threats are evolving more quickly and intricately than ever before, and this year's Cybersecurity Awareness Month calls on organizations to rethink and reinforce their defenses. OpenText Cybersecurity's recent 2024 Threat Hunter Perspective revealed many concerning trends in today’s cyberattacks, including the alarming rise of nation-state and cybercrime gang collaboration, particularly when targeting other nations and large enterprises. Also, attacks are timed to highly publicized events like the Paris Olympics or U.S. presidential election season. The combination of these tactics alongside creative evasive techniques such as leveraging other nations’ GEOs to launch attacks are proving effective at defeating outdated defenses.
 
The nature of these attacks makes adoption of a robust, integrated security approach not only strategic but essential. To better protect against today’s threats, organizations should seek collaborative, unified security tools that bridge the gap between threat intelligence and response, allowing teams to proactively detect, mitigate and counteract emerging threats in real time.

++

Bill Bruno, CEO of Celebrus

Two trends that I see coming up in Cybersecurity both intertwine a bit: speed of data availability and the depth of the digital data itself that is available. With the rise in scams and ransomware, combined with the speed at which AI has been adopted, it has become increasingly more difficult to separate fake from real. On a surface level, security threats will seem benign and standard controls are no longer enough to decipher what is really going on.
 
With the right depth of data to build proper evidence profiles, brands will have a fighting chance at detecting anomalies and prevent the threat from being successful. However, much of this traditional analysis has happened after the fact from combining a variety of different datasets. 6-8 months later this then turns into a model that can provide better detection. However, that means the gates have been proverbially left open for 6-8 months while that is built.

++

Carlos Morales, SVP of Solutions at Vercara

Many successful data breaches are opportunistic rather than intentional and researched. Today’s breaches use a wide variety of methods, such as spear phishing campaigns, social engineering, and malware to steal sensitive information like intellectual property, customer data, or banking information. Attackers cast a wide net for potential victims, exploiting those that fall prey. These attacks are one of the most significant threats facing any organization, potentially costing billions of dollars and causing substantial damage to a company’s revenue, profitability, and reputation.  
 
One of the most important things organizations can learn from Cybersecurity Awareness Month is the value of understanding the growing complexity of today’s attacks and how they continue to evolve. Organizations should also invest in tools that better identify and mitigate threats while educating employees on various attack methods that may impact them to increase their awareness.

++

Jackie McGuire, a senior security strategist, Cribl

For years, the cybersecurity industry has faced challenges in finding talent with the right skillset to fill roles. However, what’s not often talked about is the disproportionate amount of neurodivergent talent already working in the cybersecurity industry, and the untapped talent pool with potential to fill these roles. Neurodiversity is a massive spectrum, and cybersecurity leaders need to rethink how they’re assessing skills, and what a ‘typical’ candidate may look like for any position. By embracing unique skill sets of neurodivergent talent such as the ability to hyper-focus, detect patterns, and identify vulnerabilities that others might miss, security teams can unlock new, meaningful problem-solving solutions. Eliminating the stigma around neurodiversity and creating an open dialogue about the resources and accommodations neurodiverse team members need to excel in their roles, such as written materials or subtitles during virtual meetings, enables leaders to tap into the unique strengths of team members and build an environment for them to thrive.

++

Christine Gadsby, CISO at BlackBerry

As we celebrate this year's Cybersecurity Awareness Month theme, "Secure Our World," it’s essential to emphasize the importance of securing every endpoint in our digital landscape. This is becoming increasingly difficult, but incredibly vital as cyberattacks continue to grow in strength and severity.  
 
For example, unique malware is on the rise, and we saw a 53% increase in new malware just from the first quarter of this year to the second. What does that mean for security teams? It means that threat actors are becoming more deliberate in their methodology and their attacks are harder to detect. Efficiently monitoring endpoints, providing training to security teams, and ensuring organizations have the volume of staff on hand to manage a cyber incident is imperative.  
 
As a CISO, I have to know that my team can see data from every aspect of our tech stack as the attack surface is forever expanding – this includes networks, cloud environments, endpoints, and applications. Even more critical is knowing that once an anomaly is detected, it can also be neutralized. The cyber landscape is complicated, and organizations are juggling a number of tools, so the more they can zoom out and look at their attack surface through a single plane, with everything in one place, the better off they will be. Finding solutions with that goal in mind is the first step controlling an organization’s own threat landscape and is the foundation of “securing our world.” 

++

Justin Kestelyn, Head of Product Marketing and Hacker Community Marketing, Bugcrowd

Hackers Are Our Best Defenders

This year, Cybersecurity Awareness Month is incredibly relevant for consumers and workers who need to be vigilant about the constant barrage of phishing and data breach risk.

The global hacker community can in fact be a massive net positive for those consumers and workers, and for the security teams tasked with protecting them. For example, the existence of a chronic talent shortage in the cybersecurity industry has been well documented for years. But that shortage calls the definition of the "talent pool" into question, because the reality is that the hacker community is an endlessly elastic source of capacity and skills for augmenting and extending security teams on demand - if you know how to engage in a mutually trusted, productive, and scalable way.

Security leaders who can do that will have access to a "crowd cloud" for meeting almost any security testing requirement, with the results going beyond what automated tools can achieve and with all the utilization benefits of an os-a-service model. That's a fact deserving more awareness in the security industry!

++

Kern Smith VP Americas - Zimperium

Digital identity is one of the most valuable assets in corporate IT. Organizations continue to invest in ways to protect their user identity, from multi factor authentication, rotating and random passwords facilitated by password managers, and anti phishing filters and user training to name a few, and attackers continue to innovate with new and novel techniques to ultimately gain access to a users identity.

 Increasingly attackers have shifted their focus to targeting iOS and Android devices given those devices are typically the nexus of personal and corporate identity. This is because mobile devices are where the multi factor resides, where users keep their passwords, and where users are much more susceptible to mobile phishing campaigns due to the number of un protected phishing avenues available to attackers, such as SMS, QR Codes, third party messaging apps, and more that most organizations have no protections for. This does not even account for the explosion of mobile malware attacks and risks with third party apps that could expose user credentials on iOS and Android devices.

All of this creates a landscape where the barrier to entry for attackers has lowered, and attacks have skyrocketed. No longer does it take an advanced exploit to gain valuable data, when an attacker can simply send a targeted message or link to gain access to the data they want, either through a simple Mishing campaign, off the shelf malware, or even abusing vulnerabilities in third party apps or SDK's.

It is essential that organizations have a strategy to address these challenges. This includes the ability to identify and prevent mobile phishing attacks, detect for mobile malware, and identify risks in third party applications or device configurations that could potentially expose credentials and compromise user identity.

++

Omri Weinberg, Co-Founder and CRO - DoControl

As we kick off Cybersecurity Awareness Month, the theme "Secure Our World" feels especially timely. In today's hyper-connected digital landscape, securing our world means securing our data - and that's becoming increasingly complex as organizations rapidly adopt cloud and SaaS technologies.  But it's not just about corporate responsibility; individuals play a crucial role too.

The shift to remote and hybrid work has dramatically expanded the use of SaaS applications, creating new security blind spots and risks.  Employees are sharing, accessing, and storing sensitive data across dozens of cloud apps, often without proper oversight.  This "SaaS sprawl" has made it incredibly challenging for security teams to maintain visibility and control.

What's more, the lines between personal and professional digital lives are blurring.  Even something as simple as a social media post can open up an individual - and by extension, their organization - to potential attacks.  Cybercriminals are increasingly sophisticated in how they use publicly available information for social engineering and targeted phishing attempts.

It is vital to have a comprehensive approach to SaaS security, coupled with ongoing employee education.  It's not enough to just focus on network perimeters or endpoints anymore.  Organizations need granular visibility into user activities, data flows, and third-party app connections across their entire SaaS ecosystem. And employees need to understand how their online actions can impact overall security.

Securing our world in 2024 and beyond requires a mindset shift.  We need to move beyond the old "castle and moat" security model to one that embraces Zero Trust principles, continuous monitoring, and individual accountability.  Every access request, every data transfer, every third-party integration - and yes, even every social media post - needs to be approached with security in mind.

This Cybersecurity Awareness Month, I encourage organizations to take a hard look at their SaaS security posture and their employee education programs.  Do you have full visibility into how your sensitive data is being accessed and shared across cloud apps?  Are you able to detect and respond to insider threats or compromised accounts in real-time?  Can you automatically enforce consistent security policies across your entire SaaS ecosystem?  And crucially, do your employees understand their role in maintaining security?

By focusing on these areas, implementing robust SaaS Security Posture Management, and fostering a culture of security awareness at all levels, we can take meaningful steps towards truly securing our digital world.  The threats may be evolving, but with the right approach, tools, and collective responsibility, we can stay one step ahead.

++

Jose Seara, CEO and founder - DeNexus

Many companies know they are targets (nobody is immune to cyber attacks), but they rarely know whether they spend enough on cybersecurity and whether their protection efforts are targeted to the right places.

This year's theme for Cyber Awareness Month, "Secure Our World," highlights the need for increased cyber protection in all aspects of our personal and professional digital lives, including industrial systems-the connected equipment and systems that control factory floors in manufacturing, the buildings hosting data centers, power generation sites, electricity distribution networks, or even the tarmacs and boarding areas in airports.

Given the gap in cybersecurity resources and the flattening of cybersecurity budgets, cybersecurity leaders need to take a step back and assess where to allocate scarce resources and limited budgets to achieve the greatest return on investment, which, for cybersecurity, is to reduce the probability of material cyber incidents. This starts by identifying and measuring cyber risks in financial terms, the probability and severity of potential cyber incidents due to weaknesses in cyber defenses.

++

Philip George, Executive Technical Strategist, InfoSec Global Federal

Cybersecurity Awareness Month this year comes on the heels of NIST releasing post-quantum encryption standards, which are designed to withstand attacks from cryptographically relevant quantum computers (CRQC). For several years, the cybersecurity community and government leaders have been raising awareness around the impending threat of a CRQC and the potential large-scale effort to migrate to quantum safe encryption, recognizing there is not one area across the information technology domain that does not rely on some aspect of vulnerable classical cryptography. Therefore, the arrival of the new quantum safe standards is a pivotal moment. These new ciphers provide public and private sectors with the ability to establish an effective bulwark against both present day and emerging cryptographic threats to include the prospect of a CRQC. 

But the very first step for any organization is to conduct an automated discovery and inventory of deployed cryptographic assets. This single act provides the foundation for the development of a comprehensive and effective defense in-depth strategy that aligns with larger efforts like that of zero-trust (ZT) modernization. If an organization has not conducted an automated discovery and inventory scan in lieu of prior manual efforts, they could be implicitly accepting risk that has neither been accurately assessed nor mitigated. This can create scenarios where PQC migration execution is incomplete at best or fails to mitigate an exposed attack surface of a high value asset.

Once a comprehensive inventory has been achieved, however, organizations will have more insight into how best to approach remediation and decide between either a stand-alone effort or to incorporate within existing zero-trust modernization activities. The outcome of which would be a more informed ZTA plan that ensures quantum safe cryptography is incorporated into new architecture and tools and enables effective cryptographic posture management.

Which leads into the final area of consideration while planning your PQC migration strategy: agility. The concept of cryptographic agility is the ability to implement, update, change, and remove cryptographic functions from systems and applications on demand, without changing the systems or applications themselves. By adopting such a model within your PQC migration plan, organizations will ensure future quantum safe algorithms are easier to adopt and require a dramatically lower level of effort to operationalize. NIST has also initiated a cryptographic agility workstream that seeks to provide guidance and best practices around sound cryptographic agility adoption strategies for departments and agencies.

Migrating to the new post quantum algorithms will take considerable time and effort. Aligning such activities with similar large scale modernization efforts like zero-trust will be key. This paired approach will ensure that the adoption of ZTA principles won't be undone by continuing to rely on soon to be deprecated cryptography. Cryptography is the underpinning of Zero Trust, so aligning PQC migration with Zero Trust initiatives is imperative.

++

Dan Ortega, Security Strategist, Anomali

In the Age of AI - it's all about the data - how you manage it, and then action it to protect and drive your business. Unfortunately, many companies don't have a strong data plan in place; information is coming in too fast, and with the pervasive use of AI, it has accelerated immensely - and as a result, companies tend to manage it in the most expensive, inefficient, complex, and disparate way possible. This creates unnecessary risk across all business operations. This includes the way that security teams approach threat intelligence data - which is often siloed and not integrated holistically across all security and IT functions.

This year, for Cybersecurity Awareness Month - I encourage security and IT teams to focus on three key areas: 1) auditing their Security Operations Center - to ensure that the tools in use are providing a truly comprehensive view of the business, and encouraging the flow of data across systems (e.g. ensuring that teams or tools don't silo threat intelligence data and is providing value), 2) Cleaning up internal processes to ensure that security technology is being used to solve business challenges, maximize talent capacity, integrate security into business and simplify underlying processes, and 3) take a hard look at how AI is being used in your organization. Does everyone use whatever version of AI is convenient without oversight from IT? What could possibly go wrong?

++

Jason Scott, CISO, Sectigo

A study conducted by the A. James Clark School of Engineering at the University of Maryland, there are more than 2,200 cyberattacks per day, which equates to one attack every 39 seconds. This means that we have around 800,000 cyberattacks per year.  To put this in relative terms, there were only 11 major battles during the Vietnam War and 20 major battles during World War II, both lasting multiple years. Obviously, there were many more minor skirmishes unaccounted for. Still, the point is that we are being (cyber) attacked daily with no pauses or time to recover. It has become cliché, but the statement still holds; "we have to get it right 100% of the time, but the adversaries only have to get it right once". 

Getting it right matters. Cybercrime is predicted to cost the world $9.5 trillion in 2024 and the global average cost of a data breach in 2023 was $4.45 million per incident, a 15% increase from the previous three years.  If we don't get it right, not only does the business lose, but as we all know, costs are passed onto the consumer or taxpayer when governments are involved.   

We must be vigilant in our cybersecurity journey and can't afford to get the basics wrong. The basics are those core IT and security functions that must be done in every organization regardless of size and budget. Some include using strong passwords stored in fully encrypted password managers, using multi-factor authentication on all applications, rigorous anti-phishing training, and ensuring software and systems are patched. 

These "basics" sound simple and are not difficult to implement, but we (IT, Security teams, and the Business) routinely fail at it. We tend to focus on the fancy new tool, the shiny new dashboard, quarterly profits, or even the latest analytical application. Yes, these are important and have their place, but we should ensure we have the "basics" down to protect the business so it can focus on profit and growth. Using patching as an example, if we can patch our prioritized vulnerabilities promptly, we reduce our threat landscape, which, in turn, offers attackers fewer doors and windows into our environment.   The term may seem a little dated, but defense in depth is a solid method used to defend our often-porous environments. Using multiple levels of security, such as strong passwords, multi-factor authentication, resilience training, and patching strategies, makes it harder for threat actors, so they tend to move to another target with weaker defenses. 

++

John Anthony Smith, CSO and founder - Conversant Group

At the start of 2024, the Identity Theft Resource Center (ITRC) reported a 490% increase in data breaches in the first half of the year compared to the same period in the previous year. As the frequency of attacks continues to rise year over year, the focus must shift from "what if it happens" to "how do we respond when it happens". While awareness and breach resistance are important when it comes to cyber-attacks, recovery is even more critical.

In an increasingly digital world, robust recovery capabilities are not just a safety net but a strategic advantage and a tactical MUST. The actions taken before [survivable, usable, and timely recoverable backups] and after [verified, tested, and readied brownfield recovery] a breach are what truly matter to reduce the costliest impacts-business interruption. By taking thoughtful and decisive steps, you can regain control and minimize damage and business disruption. Here are some proactive steps to consider:

  • Assess your recovery capabilities for survivability, usability, and timely recovery against the technical realities of threat actor behavior [what they are willing and able to do]
  • Ready your environment for secure brownfield recovery, and test it often!
  • Create a detailed incident response plan that outlines the steps to take immediately after a breach and test it!
  • Invest and constantly realign recovery and resistance capabilities to what threat actors can, will, and are doing [in breach].
  • Ready your incident response partners:  Know your contacts, Know their Processes, Have the contract pre negotiated, Incorporate them into your IR plan, and Test your interactions with and through them.

Organizations deserve the peace of mind that comes with assured recovery when the breach occurs. By investing in an assured recovery program that prioritizes resiliency and recovery, organizations not only take a proactive approach to cyber protection, but also gain a competitive edge. This approach ensures business continuity, minimizes downtime, and protects valuable data and assets.

++

Kris Bondi, CEO and Co-founder - Mimoto

Deepfakes and ransom-as-a-service have put sophisticated tools in the hands of unsophisticated bad actors. In the innovation race, bad actors have an advantage because they're faster to adapt than many organizations. The only way to course correct is to focus on the core problems, not only how to improve approaches that are no longer effective. Making a password process more cumbersome doesn't help if a bad actor comes in through a reverse shell.

To start next month more secure than today, organizations must look at what current vulnerabilities they're ignoring. Impersonations within their system that aren't caught and acted upon quickly are a core component to account takeovers, ransomware attacks, data extraction, and insider threats. Coupled with this should be timing and context. This enables companies to respond in real-time to a breach, before it is weaponized, and to know what to prioritize with their likely limited resources. This will enable teams to find and stop what has already gotten into the protected perimeter, before the damage is done.

++

Danny Brickman, CEO and Co-Founder, Oasis Security

Non-Human Identities (NHIs) such as service accounts, tokens, access keys, and API keys, are fundamental components of modern business operations across all sectors and industries. However, NHI management is often neglected, which leaves organizations vulnerable to severe cyber threats. Recent high-profile breaches that stemmed from the exploitation of NHIs underscore the criticality of properly managing and securing NHIs.

October is Cybersecurity Awareness Month, a time dedicated to prioritizing cybersecurity best practices and shoring up cyber defenses. With traditional identity & access management solutions and best practices rendered obsolete, and NHIs proliferating every day, the industry needs solutions to properly secure this massive attack surface.

Now is the time for enterprises and midmarket organizations alike to incorporate comprehensive NHI management into their security and identity programs. Core best practices for managing NHIs include:

  • Maintain a comprehensive and up-to-date inventory of all NHIs within the organization
  • Understand the business context and owners of each NHI 
  • Apply the principle of least privilege 
  • Monitor the environment continuously to detect and respond to suspicious activities involving NHIs 
  • Define governance policies and implement them via automation 
  • Prioritize secret rotation
  • Decommission stale and orphaned service accounts

Non-human identity management (NHIM) is a security, operational and governance challenge. To effectively address it, organizations need a purpose-built enterprise platform that solves all three. Successful NHIM requires not only discovering NHIs in real time and without prior knowledge of them, but also understanding their individual business context (usage, consumers, owners, authentication methods, entitlements, resources, risk factors, behavior, etc.). In order to achieve this, modern NHI management solutions must be able to ingest vast amounts of data from a wide range of sources (audit logs, IDP, Vaults, DSPMs, ASPMs, etc.) and continuously analyze it with advanced AI/ML, LLMs and behavioral analytics techniques.

Cybersecurity Awareness Month is a good reminder to invest in the right tools and best practices to protect against evolving threats and uphold security in a dynamic digital landscape.

++

Narayana Pappu, Founder and CEO at Zendata

As AI becomes central to business operations, it also introduces significant security risks, such as concerns about unauthorized data usage, AI model hacking, and training data leaks. Protecting sensitive and proprietary information is critical and requires strategies like maintaining a clear data bill of materials and ensuring that AI models are trained only for intended purposes.

To mitigate these risks, deploying AI systems on-premise or in Virtual Private Clouds (VPCs) can offer better control, while domain-specific and smaller language models reduce exposure. Role-based access controls, data fingerprinting, and ensuring training data remains sealed to its rightful owner are essential for preventing data leakage and external threats.

Strong security measures are crucial to safeguard AI systems and sensitive information as AI evolves.

++

Doug Murray, CEO, Auvik

Last year, CISA announced that the enduring theme for all future Cybersecurity Awareness Months (which occurs each year in October), would be "Secure Our World." This theme evokes the sentiment that security is a shared responsibility between individuals, businesses and governments alike. Even within a specific organization, security is a shared responsibility.

Consider the issue of infrastructure sprawl - both CISOs and CIOs are purchasing and managing tools that support either cybersecurity objectives or serve a particular IT function. A big concern here is the cybersecurity risks involved in infrastructure sprawl, as the proliferation of tools and vendors has gotten out of control for many IT teams.

Another increasing area of risk is shadow IT and shadow AI, which involves the use of IT systems, devices, software, and services without explicit approval from the IT department. SaaS shadow IT is probably one of the biggest hidden risk factors that IT leaders face today, particularly at a time when employees are experimenting with emerging AI tools. Most people who utilize shadow IT tend to think that they're just using a productivity tool. However, organizations have found shadow IT adoption can open vulnerabilities.

In purchasing a combination of different tools - some that provide multiple functions and others that are point solutions - companies easily end up with huge overlaps. For example, it's common for a company to have multiple firewall providers operating within their network all at the same time. This is not only redundant but could actually be introducing even more cybersecurity risk to the business unnecessarily. How can we manage some semblance of consolidation to drive up efficiency and lower costs? Every vendor that gets added for more firewall or endpoint security protections introduces new security concerns in terms of business process integration and daily IT management. What's needed is a network management platform that gives us a federated view of everything that IT uses for its daily processes, systems, and management. Business leaders must then work together to determine which tools to keep and which they can do without, in order to reduce sprawl and overall risk exposure.

++

Victor Monga, Global Cybersecurity Technologist, Menlo Security

The internet has become such a big part of our everyday lives, and most of us don't even realize how much we rely on it. Whether we're shopping online, paying bills, or even closing million-dollar deals for work, most of these activities now happen in our web browser. It's like the front door to everything we do online. But with that convenience comes risk. The same browser that lets you order groceries or work from home can also be a target for cybercriminals trying to steal your money, your identity, or even your work. It's no longer just about protecting your bank account-it's about protecting everything that matters to you.

Here are a few things that can happen if your digital security is compromised:

  • Identity theft: Hackers can use your personal information to open credit cards or take out loans in your name.
  • Loss of privacy: Cybercriminals can access your emails, personal messages, and sensitive files.
  • Job security risks: If you work from home or on the go, your job might be at risk if your company's data is stolen through your browser.
  • Family safety: Your kids' information can also be at risk, leading to identity theft or unwanted exposure to harmful content.

To protect yourself online, there are some simple but powerful steps you can take to keep your information safe. One of the most important things you can do is always use multi-factor authentication (MFA) whenever possible. This adds an extra layer of security by requiring a second form of identification, like a text message code or an app confirmation, before accessing your accounts. It's also smart to validate any requests for money or signatures-if you're about to transfer funds or sign an important document, double-check with the person or organization first, especially if it seems urgent or unexpected. Keeping an eye on your financial well-being is just as important, so make sure you review your credit card statements regularly for any suspicious activity.

Here are a few other things you can do to protect yourself:

  • Keep your PC and all software up to date: Regular updates help patch security vulnerabilities that hackers could exploit.
  • Only install software from trusted sources: Avoid downloading anything unless you're certain it's safe and from a reputable company.
  • Be mindful of what you post or click on online: Remember, once you post something or click a suspicious link, it's often a one-way street. Visiting websites with fake coupons or offers could lead to malicious actors tracking your activity or worse-hacking into your system and ruining your day.

By following these steps, you can significantly reduce your risk of becoming a victim of cybercrime and protect not just your finances, but your personal life and privacy as well.  Another essential way to protect yourself is by freezing your credit, which makes it harder for identity thieves to open new accounts in your name. You can call the three major credit bureaus-Equifax (1-800-685-1111), Experian (1-888-397-3742), and TransUnion (1-888-909-8872)-to request a credit freeze. It's free, and it helps stop any new credit accounts from being opened without your permission. It's a simple but effective way to secure your personal information. Stay vigilant and cautious-it's better to prevent an issue than to fix it later!

++

Boaz Gorodissky, Chief Technology Officer, XM Cyber

Cybersecurity Awareness Month serves as a reminder to organizations that protecting critical assets requires a much more comprehensive approach to exposure management. Organizations typically have around 15,000 exposures scattered across their environments that skilled attackers could potentially exploit, and yet, CVE-based vulnerabilities account for just a small percentage of this massive exposure landscape. Even when looking only at exposures affecting their most critical assets, CVEs represent only a small part of the risk profile. While organizations are focused on patch management and vulnerability management to address CVEs, the maturity to mobilize teams and remediate issues such as misconfigurations and weak credentials is low, leaving organizations exposed.

This disconnect between the traditional cybersecurity focus and the real-world threatscape demands a paradigm shift in security strategies.

This Cybersecurity Awareness Month, organizations should use the opportunity to ensure a comprehensive and proactive approach to cybersecurity. They should ensure they get a continuous and complete view to secure all critical assets (on-prem and cloud), to holistically safeguard their digital assets in today's increasingly-complex threat landscape.

++

Rob Rashotte, Vice President, Global Training & Technical Field Enablement at Fortinet

Since 2004, the U.S. government and the cybersecurity industry have recognized October as Cybersecurity Awareness Month. This collaborative effort between the government and the industry generates discussion on cyber threats and enhances cybersecurity awareness with the goal to Secure Our World. Looking at the cyber landscape in 2024, the cyber skills gap continues to be a top concern.

The challenge is twofold: too few cybersecurity professionals in the field, and a lack of adequate skills for those in IT and security positions. We've seen the real-world impact of this skills gap: 58% of respondents to Fortinet's 2024 Cybersecurity Skills Gap Global Research Report revealed that insufficient skills and a lack of properly trained IT/security staff are the prime causes of breaches, and 70% of respondents revealed that the cybersecurity skills shortage creates additional risks for their organization.

The stakes are high for organizations when it comes to cybersecurity. Breaches take a financial toll, disrupt business operations, and erode customer and partner trust. Closing risk management strategy gaps, including prioritizing skills development and proper staffing, is vital to protect any organization.

At Fortinet, we're dedicated to helping address the cyber skills gap head-on by providing training and certification programs and security awareness training to help organizations cultivate a more cyber-aware workforce. We're on a mission to build a diverse and skilled workforce and empower the next generation of cybersecurity professionals with the training and tools they need to succeed, including a 5-year span pledge to train 1 million people in cybersecurity by the end of 2026 as part of this commitment.

Collaboration across the public and private sectors to address these challenges is key, including initiatives like Cybersecurity Awareness Month. Together, let's take action this October, tackling the cyber skills gap and increasing cyber resilience.

++

Patrick Harr, CEO, SlashNext Email+ Security

The explosion of AI in recent years has made it easier for cybercriminals to execute effective phishing scams and other attacks on users. As a result, we've seen a dramatic increase in attacks across various communication channels such as email, SMS, social media platforms, collaboration tools like Slack and Microsoft Teams, messaging apps like Signal and WhatsApp, as well as voice and video calls. There has also been growth in the use of 3D phishing-a sophisticated approach where cybercriminals target victims through multiple channels to establish credibility, instill urgency, and enhance their chances of successfully deceiving the target. By combining multiple modes of deception across different channels-such as starting with an email request and then following up with a phone call or a message-the attackers can launch very believable scams that are hard for the average person to detect, allowing them to bypass traditional security measures.

Cybersecurity Awareness Month is a reminder that the methods used by cybercriminals continue to evolve, making it imperative for organizations to have the resources and plans in place to prevent these attacks before they result in data compromise and other security concerns. To stay one step ahead of these sophisticated tactics, organizations must adopt a multi-faceted defense approach, which includes utilizing AI to combat AI-based scams. Even with continuous training to help employees recognize the hallmarks of email and message-based scams, many are still unable to evade complex schemes like 3D phishing. However, while humans may struggle to recognize these threats on their own, AI-based security platforms can detect unusual activities associated with 3D phishing attempts.

++

Ratan Tipirneni, President and CEO of Tigera

Cybersecurity Awareness Month highlights the importance of implementing stronger defense mechanisms that protect organizations and citizens from increasing cyber crime. Kubernetes and containerized environments underpin digital innovation and are at the core of modern application development. While these environments boast significant advantages, offering scalability, efficiency, and flexibility, they are also subject to various security risks. This includes vulnerabilities, misconfigurations, network exposures, and both known and zero-day malware threats. The distributed nature of microservices, the dynamic scaling of workloads, and the ephemeral nature of containers introduce unique security challenges.

Traditional approaches to risk assessment whereby vulnerabilities, misconfigurations, and threats are identified and prioritized in isolation - and each generates its own set of alerts and priorities - are insufficient for the unique nature of Kubernetes. To effectively protect your Kubernetes environment, it is essential to adopt an interconnected security approach that accounts for how these risks interact. Many security risks are associated with specific services. By understanding the relationships between services, security teams can better assess the potential blast radius of risks if left unmitigated. This will enable more accurate and timely risk assessment, prioritization, and mitigation.

This Cybersecurity Awareness Month, organizations should work to deploy tactics that help evaluate risks holistically and implement controls such as default-deny network policies, workload isolation, IDS/IPS and WAFs. These tactics will reduce their risk of exploitation, limit lateral movement in the event of a breach, and block known threats before they can manifest.

++

Venky Raju, Field CTO, ColorTokens

When a cybersecurity breach makes headlines, the finger often points straight at humans. High-profile incidents like the SolarWinds attack, where human error was cited as a key factor, the recent 23andMe breach blamed on users' weak passwords, or Uber's MFA fatigue incident-all reinforce the narrative that humans are the weakest link in security. While there's some truth to it, I believe it's not the whole story. The real issue isn't human incompetence. It's the complexity of the systems we expect people to navigate. Alert fatigue, overly complicated user interfaces, and an endless stream of warnings all contribute to burnout. Combine that with limited budgets and staffing, and it's no wonder mistakes happen.

Instead of piling more responsibilities onto users, we need to rethink our approach to cybersecurity.

  • Rethinking Authentication: Passwords are a prime example. We tell people to use complex, unique passwords, change them frequently, and never reuse them. Password managers are supposed to help, but even they aren't foolproof. The LastPass breach raised concerns about relying solely on these tools since they can become single points of failure. 
  • Embracing Passwordless Technologies: By adopting passwordless technologies like passkeys or biometric authentication, we can enhance security and simplify the user experience. Passkeys use public-private key cryptography, allowing users to authenticate using their devices' built-in capabilities. 
  • Reducing Alert Fatigue: Cybersecurity professionals face an overwhelming number of alerts daily, many of which are false positives. This constant barrage leads to alert fatigue, where genuine threats might be missed. Our reliance on detection and response technologies like Endpoint Detection and Response (EDR) contributes to this overload. While valuable, they shouldn't be our only defense.
  • Proactive Security Measures: By adopting proactive security measures, we can reduce alerts and ease the burden on professionals. Techniques like microsegmentation compartmentalize the network, limiting threat spread and reducing the attack surface. By fortifying networks from the start, we prevent threats from reaching users in the first place. This approach lessens the reliance on human vigilance and reduces the chances of error due to fatigue or complexity.

This Cybersecurity Awareness Month, let's shift the narrative. Too often, we find the easy victim-users-when the real issue lies in the systems they're forced to work with. As responsible technologists, it's our duty to simplify their lives, not complicate them.

It's time to stop expecting users to be perfect and start designing systems that support them better. After all, security is a collective responsibility, and technology should be an enabler, not an obstacle.

++

James Cassata, cloud security architect at Myriad360

As we head into Cybersecurity Awareness Month, organizations should maintain a strong focus on rising attack vectors when educating system users.

Social engineering continues to be a top human risk, according to SANS.   Although spear-phishing emails and text-based smishing messages are not new, voice-based vishing has become more prevalent.  This is largely due to the gaining use of AI, allowing adversaries to accelerate their efforts when attempting to deceive their targets. Generally speaking, a twenty-second audio sample clip of someone’s voice is all that is needed to clone their voice with Ai.

The most important advice to give when educating users is to slow down and think, “Does this make sense?”.  Always validate the legitimacy of an uncommon request by reaching back out to that individual using another method of communication, with a face-to-face conversation being the preference.  Another indication of suspicious activity is the sense of urgency that adversaries tend to convey. To me, this is a dead giveaway. Investing in continuous employee training is critical to reinforce the importance of being cautious and vigilant and, most of all, slowing down.

++

Shiva Nathan, Founder & CEO at Onymos

In the Onymos 2024 SaaS Disruption Report: Security & Data, 45% of technology leaders reported experiencing a cybersecurity incident through a third-party vendor. Almost half. If we want to reduce that number, we must hold our SaaS providers to a higher standard. The way SaaS is supposed to work is simple: We're supposed to pay money for a service. The way it actually works is that we're paying money and data for that service. We are all giving away too much of our data. That's why it's critical to enforce the principle of least privilege. Only give access to those who absolutely need it. Regular audits, strong encryption, and staying proactive with software updates are essential for securing your SaaS ecosystem and protecting your data.

++

Dan Shugrue, Senior Product Marketing Manager, at Digital.ai

Client-facing, mobile apps are essential for enterprises to meet consumer expectations. These apps are made available to consumers through the Apple app store and Google Play Store where anyone –including threat actors—can freely download them.  Once downloaded, apps are easily reverse engineered. This is a problem because these apps, by definition, contain working examples of how to access a back-office system.
 
Increasingly, we are seeing cybercriminals use AI tools to understand those working examples and essentially turn mobile apps into threat vectors. Too often, the enterprise creating these apps have limited or zero visibility into what is happening to them outside of their firewalls. To get ahead of this, companies need to remain proactive and embed app safeguards like obfuscation, anti-tampering, and client-side app threat monitoring to avoid the costly ramifications of releasing unprotected apps into the wild. 

++

Ryan Rowcliffe, field CTO of HYPR

As we reflect on 2024, the cybersecurity landscape reveals alarming trends, with SlashNext reporting a 4,151% increase in malicious emails and an 856% rise in targeted phishing attacks. The settling of the Gen-AI hype cycle has led to widespread adoption, resulting in more sophisticated and convincing phishing attempts. This evolution demands increased vigilance and awareness of AI's capabilities in crafting deceptive communications.

In response to these threats, passkeys and identity assurance have emerged as the most effective countermeasures. Throughout 2023 and 2024, businesses and applications significantly increased their deployment of passkeys, coupled with comprehensive identity verification processes that link physical and digital identities. This shift towards robust authentication methods promises to eliminate up to 80% of attacks associated with passwords and outdated multi-factor authentication techniques, marking a critical turning point in digital identity security.

++

Rob Whiteley, CEO of Coder

Resilience against cyberattacks begins with the basics – identifying and fixing vulnerabilities at the foundation. Tackling these issues early creates a secure base for the software you build. For example, when it comes to development environments, secure tooling sourcing and auditing activities consistently are critical steps in locking down long-term protection.
 
Cybersecurity is never a one-and-done solution. It is a continuous process. Implementing best practices like keeping code and IP on secured storage rather than local drives and using declarative development environments to limit installs to trusted sources, help reduce the risk of data exfiltration vectors or supply chain attacks.
 
AI introduces new complexity and vulnerabilities to the software supply chain. Attackers will leverage AI and high-powered distributed systems to power their traditional attacks. To win the battle, companies must bolster traditional security practices with AI-driven detection, behavioral analytics, advanced end-to-end encryption, and automated continual compliance monitoring.

++

Ram Vaidyanathan, chief IT security evangelist at ManageEngine
 
Cybersecurity Awareness Month arrives at a pivotal moment in 2024. Recent data from the World Economic Forum indicates that 81% of executives feel just as exposed to cybercrime or even more so when compared to last year, and a significant number of organizations reported a decline in cyber resilience. This situation is exasperated by economic challenges and the rapid adoption and misuse of emerging technologies like generative AI, which is transforming the cyberthreat landscape in unprecedented ways.
 
These dynamics, combined with heightened geopolitical tensions and the upcoming United States election, make it clear that cybersecurity is more than just a technological issue; it's a business imperative that requires a coordinated, proactive approach across industries. When not addressed proactively, the rapid spread of misinformation fueled by generative AI poses serious cybersecurity threats like disinformation campaigns, deepfakes, and social engineering attacks.
 
Organizations must prioritize cybersecurity awareness and education and move forward in their Zero Trust journey. This is not only for their own protection but also to ensure the integrity of the broader digital ecosystem. In 2024, investing in cybersecurity is not just about safeguarding data; it's about building resilience in the face of an increasingly interconnected, complex threat landscape.

++

Om Moolchandani, Cofounder and CISO of Stealth Company

As we mark Cybersecurity Awareness Month this October, it's a critical time to reflect on the increasing complexity of cyber threats and the growing importance of proactive security measures. With AI-driven attacks becoming more sophisticated, traditional reactive approaches relying on a patchwork of disconnected tools are proving inadequate. This leads to inefficiencies, heightened risks, and rising breach costs.

The cybersecurity landscape is evolving, with data showing that while the average cost of a breach has increased by 10% to $4.88M in 2023, organizations that leverage AI-powered security solutions saved $2.2M in breach costs. These savings stem from enhanced threat detection, automated responses, and streamlined security controls—capabilities that modern businesses can no longer afford to ignore.

Cybersecurity Awareness Month serves as a reminder for organizations to take proactive steps in their defense strategies. By unifying fragmented security tools, conducting real-time attackability analysis, and optimizing existing security controls, businesses can better manage their risk posture. Instead of continuously adding more tools, the focus should be on improving the effectiveness of current security infrastructure, leveraging AI to prioritize vulnerabilities, reduce noise, and prevent breaches before they occur.

In today's environment, the path to robust cybersecurity lies in adopting a unified, AI-powered approach that enhances defense while reducing operational burdens. This October, let's emphasize the need for proactive exposure management, real-time threat analysis, and the intelligent use of AI-driven solutions to mitigate cyber risks. By doing so, organizations can significantly improve their security posture and protect against the evolving threats we face in the digital age.

++

Shashwat Sehgal, Co-founder and CEO of P0 Security

$4.9 million is the average cost of a data breach and that number continues to increase year after year. The rising adoption of cloud technologies is making it imperative to secure sensitive data with more comprehensive security strategies from the outset to avert potentially catastrophic breaches.

In today's cloud-native landscape, the criticality of access level security - defining what individuals are permitted to access within a system - cannot be overstated. Securing identities is at the core of preventing breaches. By controlling an employee's access across the environment, not only are you boosting their productivity and enabling better business outcomes, you're also safeguarding corporate resources and networks. When access to critical systems is secure, the entire organization's risk is minimized.

++ 

Greg Fitzgerald, Co-founder and CXO at Sevco Security

The exploitation of vulnerabilities increased by 180% over the past year, as skilled malicious actors increasingly target weak endpoints while under-resourced security teams struggle to address these threats before they can be exploited. Swift and effective remediation or mitigation of the most critical vulnerabilities must be a strategic priority for security teams - but they need better intelligence to do this: a comprehensive asset inventory, asset intelligence like business criticality for vulnerable assets, and exploit intelligence on the vulnerabilities which enables organizations to prioritize the most critical issues for remediation. Achieving a truly secure attack surface requires a comprehensive understanding of the assets and vulnerabilities involved and the effectiveness of the security tools designed to protect them.

++

Gil Geron, CEO and Co-founder of Orca Security

Make sure you cover the security basics, such as implementing multi-factor authentication (MFA), principle of least privilege, regularly updating and patching software, and encrypting sensitive data. Additionally, leveraging cloud security tools and frameworks, such as zero trust architecture and automated compliance checks, helps you to proactively identify and mitigate potential threats, and improve your overall cloud security posture.

++

Kunal Agarwal, Founder and CEO of dope.security

Every company today uses Microsoft 365 or Google to power their businesses and it's great in many aspects - speed and efficiency are miles beyond 10 years ago. But whether you are a small company or big, your employees end up sharing data with Microsoft OneDrive or Google Drive daily and it becomes a security risk because any file stored there has the potential to be exposed publicly to the world. 

The permission commonly used is known as sharing to "anyone with the link." Depending on the organization, this could have really bad consequences! Imagine an employee accidentally sharing all financial data or all secret architecture documents and never removing that permission - how would you ever know?

That's the purpose of a CASB - activate with one click against your Google/365, find all of the exposed data, classify the data, and start remediating and making sensitive data private. Whether you are a small VC firm, a law firm, or a huge manufacturer, you are still at risk. I urge organizations to evaluate their cloud security to ensure they are not exposed!

++

Sohail Iqbal, CISO at Veracode

As GenAI tools enable adversaries to build increasingly sophisticated attacks, it's important that "we" as an industry build equally capable programs that allow users to detect and stop these threats, with a single click of a button. The number of breaches and vulnerabilities continues to rise every year, many of which are taking advantage of gaps in workforce-dependent security controls. It's time to fight AI with AI. 

My advice to organizations wondering how to stay ahead in this cyber arms race between defenders and attackers is to develop automated security programs - with the use of GenAI - that are consistent, repeatable and continuous. Cybersecurity is important every day, not just one month out of the year.  It should be so ingrained in security culture that it is muscle memory. If it isn't, take a pause, do proper due diligence and take action to safeguard your organization.

++

Mark Sangster, Vice President, Chief of Strategy at Adlumin

In today's hyper-connected world, where everything from mobile devices to smart homes is linked online, the risk of cyberattacks is growing just as quickly as the technology itself. Cybercriminals continue to adapt, targeting both personal and business data. Companies looking to safeguard their online information and privacy - and maintain their customers' trust - must adopt proactive strategies to ensure they're creating safe digital environments. 

This starts with recognizing and reporting phishing and ransomware attempts, as these remain one of the most common attack methods. Additionally, businesses should encourage the use of password managers to strengthen credential protection, while also dispelling any myths surrounding their security or complexity. A focus on enabling multi-factor authentication (MFA) across all networks and devices is another critical measure to prevent unauthorized access. Finally, regularly updating software is essential, as these updates often contain patches for known vulnerabilities. Businesses should prioritize turning on automatic updates to ensure that systems remain protected without manual intervention.

For organizations who are serious about reducing online risks, making an investment in your cybersecurity tech stack is another simple way to ensure online safety. A managed detection and response (MDR) is a cybersecurity service that combines technology with human expertise that helps organizations detect, respond to, and limit the impact of threats. The most comprehensive MDR services will include proactive testing and preparedness, a crucial aspect of cybersecurity protection. It is important to understand how secure your organization's security tools are against threats like ransomware by prioritizing testing defenses and response protocols to ensure readiness in the face of potential threats. Early detection and implementing a multi-layered defense strategy allows organizations to significantly enhance their resilience to evolving cyber threats.

++

Chris Crummey, Director of Executive & Board Cyber Services at Sygnia

Despite the great lengths security and business leaders have taken to limit risk and exposure in preparation for a cyberattack, breaches are on the rise and the reputational and financial cost of a cyber incident is greater than ever. Far too many organizations find themselves in the middle of a cyber crisis without a formal response plan in place. Rather than focusing solely on preventing an attack or figuring out what to once one happens, leadership teams must understand organizational remediation efforts can and should be developed, tested and implemented before an attack happens. It is imperative for those at the top to use this time to evaluate how well their teams will respond when thrust into a dire situation and take the necessary steps to ensure cyber readiness. 

There isn't a single blueprint on what an incident response plan should look like because each crisis is different. However, executives, board members, security teams and others involved must know who takes the lead in responding, what each person's responsibilities are and what steps should be taken to communicate internally and externally. Companies make critical errors that can compound the financial and reputational damage associated with a cyber incident for the simple fact they do not have established roles or responsibilities or a documented chain of command to handle this sort of situation. When people are unsure of what to do, they often inject themselves into the crisis because they believe it is their job to do something. This lack of understanding ultimately slows down the recovery and remediation process. 

Planned actions can easily be lost in the chaos during a real cyberattack because of the natural psychological response employees have to a crisis. Leaders must understand that those involved in the attack will experience a rush of cortisol, the stress hormone that creates a "fog of war" during these times, and it can lead to additional issues. The best way to evaluate how teams will react to a cyberattack is to put the formal incident response plan to the test. Tabletop and wargame exercises are immersive experiences, conducted in a controlled environment, that prepare enterprises to face and mitigate a potential attack. This gives every person within the organization the opportunity to feel, act and behave as if they are in an attack situation. These training exercises foster a well-coordinated response because they allow teams to experience that rush of cortisol, learn how to handle and manage it, and develop the necessary discipline to execute the response plan. 

Once the organization and its cyber incident response plan have been put to the test, the next step is to evaluate the efficacy of the plan and identify opportunities for improvement. It is important to note where the fundamental breakdowns occurred and what can be done to address them. This includes evaluating each level of the response plan, adapting playbooks and runbooks to various situations and circumstances, and evolving pre-crisis plans to account for emerging threats and their effects on the business. This level of preparation allows leaders to trust their teams and empower employees to make the right decisions so they can focus on the broader impact of the crisis and how it affects external stakeholders.

++

Chris Hickman, CSO at Keyfactor

Cybersecurity Awareness Month this year comes at a critical time in our industry. Threats have been amplified by significant advancements in quantum computing, AI and organized and state sponsored hacking. Security talent continues to be a major barrier for organizations to keep up with these emerging threats. It is imperative that we continue to invest in both technology and talent development to ensure that organizations can prepare and scale correctly to address new threats. Companies can take unique approaches to this, perhaps exploring overlooked talent pools in underserved communities to home grow talent, or even partnering with a cryptography partner to ensure compliance in the very near post-quantum future. Quality tools and talent will continue to be priorities for cybersecurity leaders in the years ahead, especially given increasingly complex threats facing the industry.

++

Benjamin Fabre, CEO & Co-founder, DataDome

Where the security industry needs better awareness is the surging bot problem. Approximately 65% of websites are unprotected against simple bot attacks, leaving them vulnerable to financial and reputational damage. Even worse, advanced bots, designed to bypass traditional CAPTCHA defenses, evade detection more than 95% of the time, leaving businesses incredibly susceptible to bot-related threats. These threats include online fraud attempts, bot attacks, DDoS attacks, credential stuffing attacks, ATO fraud, and more.

++

Jon Miller, CEO & Co-founder, Halcyon

While many know the term cyber resilience, there needs to be more awareness of how businesses can actually implement cyber resilience effectively. Effective cyber resilience requires a comprehensive approach that incorporates proactive measures, rapid detection, efficient response, and robust recovery mechanisms. Some of the essential metrics that can assist in bolstering cyber resilience include:

  • Mean Time to Detect (MTTD): This measures how long it takes for an organization to detect a cyber threat or incident. 
  • Mean Time to Respond (MTTR): This measures how long it takes for an organization to respond to a cyber threat or incident once it has been detected.
  • Incident Response Plan Effectiveness: Assess the effectiveness of the incident response plan by measuring how well it is followed during a cyber incident, including factors like containment time, communication effectiveness, and coordination among response teams
  • Cybersecurity Training and Awareness: Measure the effectiveness of cybersecurity training programs by tracking metrics such as employee awareness levels, completion rates of training modules, and performance in simulated phishing exercises.
  • Cyber Risk Exposure: Quantify cyber risk exposure by assessing the organization's risk posture based on factors such as asset criticality, vulnerability severity, and threat likelihood.
  • Backup and Recovery Metrics: Measure the effectiveness of backup and recovery processes by assessing metrics such as backup success rates, recovery time objectives (RTO), and recovery point objectives (RPO)
  • Business Continuity and Disaster Recovery (BCDR) Metrics: Measure the organization's ability to maintain operations during and after a cyber incident by tracking metrics such as recovery time objectives (RTOs), recovery point objectives (RPOs), and the success rate of BCDR exercises.

++

Scott Weinberg, CEO & Founder of Neovera

While we've been celebrating Cybersecurity Awareness Months for over twenty years now, the last few years have seen unprecedented growth in the industry. As companies race to meet business objectives and improve customer satisfaction, digitalization has surged. Organizations are increasingly adopting cloud-based technology and embracing remote work, shattering the traditional perimeter-based security model. In today's digital landscape, with the rise of cloud services and mobile devices, identity has become the new perimeter. 

Attackers no longer need to breach physical perimeters; with stolen credentials, they can infiltrate and move laterally across networks undetected. Identity and Access Management (IAM) is now essential to cloud security, enabling organizations to control who has access to privileged resources. A strong IAM system should work like the keys to your home, granted only to those you trust, whether temporarily or permanently. By defining roles, permissions, and authentication methods, security teams can defend against threats at the most vulnerable access point-identities.

++

Rahul Powar, Founder and CEO, Red Sift

CISOs know better than anyone that ransomware, phishing schemes, and business email compromise attacks are on the rise. As a result, security teams have been inundated with incident recovery and response - reacting to incidents, attempting to respond while keeping operations intact, and managing internal and external stakeholders accordingly.  Traditional methods of reactive security have become outdated, fueled by a disconnect between board priorities and the strategies needed to ensure firm-wide protection. Working in unison, organizations must move towards more proactive security standards, reducing the opportunities for attacks and making the most of the available capacity.

Businesses with an excellent foundation of preventative security measures are succeeding, through the implementation of protocols like DMARC, TLS and MTA-STS.  From there, the next step is expanding visibility and automation into exploitable gaps in security protocols - as seen in the recent SubdoMailing attack. Managing this practical strategy and extending firm-wide protection, under constrained budgets and board expectation will drive business growth, build resilience, and maintain compliance. This can ensure reliable and secure outcomes now and in the future. 

++

Andy Lunsford, CEO and Co-Founder, BreachRx

The current incident response paradigm is broken. As regulators aggressively punish companies for negligent cybersecurity practices and responses, organizations need proactive, automated processes that bring order to the chaos before, during, and after incidents. This requires a comprehensive strategy that not only ensures teams are executing the right actions at the right times but also emphasizes transparency in their efforts. Organizations must recognize that a plan is not sufficient on its own; they need to operationalize their response through practiced, automated procedures that are digitized for efficiency. By doing so, they can provide regulators with the necessary documentation while empowering their customers to take informed actions to protect themselves. Ultimately fostering a culture of accountability and resilience in the face of evolving cyber threats.

++

Larry Zorio, Chief Information Security Officer at Mark43

To effectively manage organizational risk tolerance, start by identifying your most valuable assets through an inventory of “crown jewels.” Then, build a risk strategy by asking key questions and prioritizing investment in secure, resilient technology, as it will save you time and cost in the long run.

In addition, adopt a recognized framework like the NIST Cybersecurity Framework (CSF) to provide a structured approach to managing cybersecurity risks. Tactical items to include are vulnerability management, regular backups, monitoring, and audit functions, and incident response tabletop exercises to ensure you build muscle memory for seamless mitigation in the event of a breach.

++

Shantala Sadananda, President of Banking & Financial Services and Emerging Markets, Innova Solutions

The payments industry continues to evolve rapidly, particularly with advancements in biometric authentication and artificial intelligence (AI) enhancing security protocols. Digital wallets are a prime example of this progress, providing consumers and businesses with convenient, secure payment options. As we adopt these new technologies, National Cybersecurity Awareness Month emphasizes the importance of multi-factor authentication (MFA) as a foundational security measure.
 
With the rise of AI-driven fraud detection systems and biometric verification (such as fingerprint or facial recognition), financial institutions can further fortify access to digital wallets, making it more difficult for malicious actors to compromise sensitive data like credit card information or personal identification numbers. MFA adds an essential layer of protection, ensuring that even in an increasingly digital-first world, customers can confidently use digital wallets for secure transactions. The integration of AI and biometrics into MFA strengthens cybersecurity defenses, reducing vulnerabilities and increasing consumer trust.
 
As digital wallets become more mainstream, leveraging these technologies will be key to staying ahead of emerging cyber threats and maintaining a secure financial ecosystem for both institutions and users alike.
 
++
 
Jamie Moles, Senior Technical Manager, ExtraHop

If you look closely at the fallout of ransomware incidents that occur today, many large-scale attacks are a direct result of various spear phishing schemes via social engineering. This is largely because hackers know humans are the easiest entry point for extensive and robust attacks. According to ExtraHop’s Global Ransomware Trends report, security leaders are increasingly being targeted by ransomware actors, reporting nearly eight incidents per year and paying out an average of $2.5M in ransom payments. The unfortunate reality is that at one point or another, we’ll all be a target of an attempted phishing attack, but we also have the power to not let it escalate into a ransomware attack.
 
Recognizing signs that indicate you might be the target of a phishing attempt is the first piece of the puzzle. Spear phishing attacks can be initiated in various forms, whether that’s receiving a suspicious email with major spelling or grammar mistakes, unusual phone calls, or suspect text messages. The most important step to take is to directly report any suspicious communication to your IT department – By doing so, you can significantly reduce the risk of these attempts finding success on other colleagues and also give the IT department the opportunity to stay aware of these attempts.
 
As we observe Cybersecurity Awareness Month, it’s a good reminder that phishing attacks require a great deal of proactivity. Luckily, living in an AI-everywhere world, technology has provided the potential for us to better recognize phishing attacks by quickly identifying attempts with greater capability. However, even with the help of technological advancements, the average person should still always remain vigilant of phishing and be cautious when sharing sensitive information online with any sort of party.

++

Harold Rivas, CISO, Trellix

This year’s Cybersecurity Awareness Month is arguably more important than ever. The past six months have been marked by unprecedented events, entering us into a state of concurrent crisis. From elections to warfare to global outages, these factors have intensified cyber threat activities worldwide. We are witnessing dramatic shifts in behavior, making the cybersecurity landscape increasingly complex.

Every day, new bad actors appear, and fresh vulnerabilities, exploits, and tactics are uncovered. We work in an ever changing, fast-evolving industry. For example, as we get closer to the election, we’ve most recently observed massive spikes in cyber threat activity on August 21, 2024, the day of the Democratic National Convention, including more than 11M detections of malicious activities against US government organizations. Our latest CyberThreat report also identified an increasing amount of China- and Russia-linked threat actors and the emergence of U.S. election donation-themed phishing scams. For CISOs and security operations leaders, operational threat intelligence is essential to gain insight into the latest threats, grasp a comprehensive understanding of their security posture, and pinpoint potential gaps in their cybersecurity strategy.

++

Amer Deeba, CEO and Co-Founder of Normalyze

The role of CISOs and CDOs in today's enterprises is increasingly overlapping, particularly as data breaches become a focal point of accountability debates. Cybersecurity Awareness Month highlights this convergence, prompting a critical evaluation of data ownership and breach responsibility within organizations. As we anticipate sensitive data in the public cloud to surge, the need for a redefined, unified role becomes apparent. This month, let's use this awareness to advocate for a strategic rethinking of these positions, aiming for a clear demarcation of responsibilities to enhance organizational data governance and security accountability.

 ++

Tim Perry, Head of Strategy at Prepared

Emergency systems need to be resilient. They can’t be vulnerable to disruption, whether it’s a storm that knocks down a wire, a cyber attack or a failure of one of the PSAP’s legacy software providers to keep their creaky old software up and running. There’s probably a misconception in the market that on-premises solutions are somehow more secure than cloud-based solutions. They are not. Cloud-based solutions do what the next-generation 911 movement has been trying and not always succeeding to do for a couple of decades, which is to improve the resiliency of systems.

It’s important to stay ahead of cybersecurity compliance requirements and to always evolve as a technology, because the threats themselves evolve. Legacy software can be really inadequate or buggy; from our perspective, it’s just a failure to evolve. When you're thinking about cybersecurity, it's as important to think about ‘who’ as to think about ‘what.’ Are you concerned about a cyber criminal, or a nation-state actor? Depending on who you think it is, you might choose different approaches to cybersecurity.

++

Ameesh Divatia, CEO and Co-Founder of Baffle

The Future of Cloud Data Security:

  • Organizations can’t just rely on cloud providers to keep their data safe anymore, it’s on them to take charge. While providers handle the infrastructure, it's up to companies to protect their sensitive info.
  • The best way forward is a 'fail-safe' approach: even if there’s a breach, the data should be useless to anyone who’s not supposed to have it.
  • End-to-end encryption is necessary, and we can’t depend on people to always make the right security choices. In the future, cloud security is all about owning your data and locking it down with the right encryption strategies.

The Gen AI Winter:

  • We’re heading toward a 'GenAI winter,' when the excitement cools and the focus shifts to practical uses. GenAI is great for ideation and drafting, but it won't replace human expertise, especially in high-accuracy roles. It's also not a search engine—human oversight is crucial to ensure reliability. As GenAI evolves, businesses must balance innovation with navigating regulations and data privacy concerns.
++
 
Ronak Massand, Co-founder and CEO of Adaptive

The current state of cybersecurity requires a fundamental rethinking of our strategies, as existing approaches are clearly not effective. Breaches continue to rise at alarming rates despite increased spending and a flood of new tools in the market.

One core issue in cybersecurity is that we've overemphasized detection and alerting mechanisms. Whether the alerts stem from cloud misconfigurations, posture management issues, identity governance lapses, or post-breach anomalies, they all contribute to an overwhelming number of notifications for security teams. While detection is obviously important, the sheer volume of alerts outpaces the resources available to address them, leading to alert fatigue, where critical alerts may be overlooked or deprioritized. This is one of the reasons behind rising breach count.

A more effective and sustainable cybersecurity strategy would prioritize proactive protection over reactive detection. Strengthening access controls, securing networks, and safeguarding data at all times should take center stage. The principle of least privilege (PoLP), along with robust data protection strategies for both human and machine identities, represents a pathway to enhancing security posture and reducing the likelihood of breaches.

However, this is no easy task. Moving towards a proactive model requires a comprehensive platform that can deliver broad coverage across various attack surfaces and a disciplined, continuous improvement process. Achieving these goals is not just about deploying better technology—it's about fostering a security-first culture that integrates cybersecurity into every part of an organization’s operations.

++

Niall Browne, Chief Information Security Officer, Palo Alto Networks

This Cybersecurity Awareness Month, it is critical for businesses to stay ahead of increasingly sophisticated cyber threats. Today’s attackers – armed with AI and advanced strategies – are constantly evolving their tactics, and according to a recent report from Palo Alto Networks, there has been a surge in phishing campaigns, a notable rise in social engineering techniques, and in nearly 50% of cases, attackers exfiltrated data in less than one day after a compromise.

To address the evolving cybersecurity landscapes, some tips for how businesses can best protect themselves include:
  • Keeping software and operating systems updated. Attackers exploit unpatched systems to gain unauthorized access, stressing the importance of timely patch management. Regular updates help prevent exploitation and security risks to organizational data.
  • Upgrading employee training. Vigilance against phishing is essential, with employees trained to recognize and report suspicious activity. Regular security training and incident drills equip teams to respond to cyber threats.
  • Using strong passwords and multi-factor authentication (MFA:) Businesses must protect themselves by implementing strong, unique passwords, timely software updates and MFAs – which provide an added layer of security and make it more difficult for attackers to gain access.
By taking proactive measures, businesses can significantly reduce the risk and impact of potential breaches, maintaining resilience in today’s evolving threat landscape.
 
++

From Art Gilliland, CEO, Delinea
 
As the new year approaches and business leaders prepare their FY25 budgets, security leaders must prioritize what truly matters: investing in integrated identity security solutions, with centralized authorization at the core. Rather than being overwhelmed by the sheer volume of available options, it's essential to focus on smart investments that align with broader organizational goals and address the most pressing security needs. In a landscape where both costs and complexity are high, centralized authorization ensures secure, efficient access management while supporting long-term business resilience.
 
By prioritizing identity security and centralized authorization, organizations can strengthen their defenses against evolving threats while maintaining operational efficiency. As security leaders plan for the future, the focus should be on building a resilient foundation that not only mitigates risk but also scales with the organization's growth. Smart investments made today will empower teams to proactively manage access, reduce vulnerabilities, and ensure sustained protection in an increasingly complex digital environment.

++

Nils Gerhardt, CTO of Utimaco

PQC's Y2K: When we think of the hype around Y2K and how that failed to be the disaster many predicted, it’s easy to think that Q-Day might be the same. But the reality is that the day when quantum computers can break standard encryption is definitely not science fiction. It’s going to happen and it’s fast approaching. For large organizations and governments who depend on legacy systems, the impact could be particularly dangerous. Dedicated efforts should be made now by migrating to  post-quantum cryptography (PQC) to prevent a data apocalypse in the future. There’s no such thing as preparing too soon.  

Recognizing cybersecurity’s impact on sustainability: While sustainability and security may not seem related, at least not on face value, there is actually a link and organizations need to consider it. Time, money, electricity, and countless other resources are needlessly expended to undo the damage of successful attacks – not to mention attacks that directly impact the environment, like the disabling of water treatment plants. Security posture, both directly and indirectly, impacts environmental sustainability efforts.  

++
 
Mikey Pruitt, MSP Evangelist, DNSFilter

Our 2024 security report found that the average user encounters five malicious queries per day, while phishing attempts have risen by 106%, and malware detections are up on the DNSFilter network 40% year-over-year. This surge highlights the urgent need to safeguard infrastructure via DNS to block threats before they reach users. Despite this, protective DNS is often overlooked, leaving organizations exposed to significant cyber risks. As the first point of contact between users and the internet, DNS must be treated as a foundational layer of defense to prevent these escalating threats.

Visibility into DNS queries is indispensable for making informed security decisions. By actively monitoring DNS traffic, businesses can block malicious domains, manage access, and respond to emerging threats in real time. This not only strengthens defenses against phishing and malware but also offers the flexibility to the rapidly evolving threat landscape.

++
 
Saryu Nayyar, CEO, Gurucul
 
Insider threats are no longer a distant possibility but a critical and immediate reality. Our 2024 Insider Threat Report highlights this, with 48% of organizations reporting an increase in these attacks over the past year. These threats cannot be adequately addressed through outdated, traditional defenses. Instead, they require strategic, technology-driven solutions. By leveraging advanced AI and machine learning for real-time monitoring and analysis, organizations can detect and mitigate insider risks before they escalate, providing effective, affordable protection.  

Despite the rising prevalence of insider threats, 52% of organizations still lack the necessary tools to monitor insider activity. This gap can be bridged with AI-driven solutions, utilizing machine learning-based behavior profiling and predictive risk-scoring algorithms. These technologies allow security teams to prioritize high-risk activities, minimize false positives, and automate response actions. With this proactive, intelligence-driven approach, organizations can stay ahead of both known and emerging threats, maintaining robust security in today’s increasingly complex cyber landscape.

++
 
Paul Walker, Field Strategist, Omada
 
The Critical Role of Identity Security in Protecting Organizations

Identity security is increasingly recognized as one of the most critical aspects of modern cybersecurity strategies. As organizations continue to embrace digital transformation and rely more heavily on cloud environments, ensuring that only the right people have the appropriate access to systems, applications, and data is vital to protecting sensitive information. Cybercriminals are continually refining their tactics, and a common entry point for many of their attacks is the exploitation of poor identity security hygiene. Weak identity management processes, such as inadequate authentication policies and excessive user privileges, create vulnerabilities that hackers can exploit to infiltrate IT systems and escalate their access privileges.

Despite the clear threat, many organizations, regardless of size or vertical, exhibit a low level of maturity when it comes to investments in identity security, in particular identity governance. Research is freely available to show that a significant percentage of companies do not implement key preventative measures, such as strong multifactor authentication (MFA), regular user access reviews, leaving their systems open to attacks. According to a report by Verizon, over 80% of hacking-related breaches leverage compromised credentials . This statistic highlights the importance of investing in identity governance solutions that can proactively detect potential vulnerabilities and enforce compliance, ensuring that access to systems is tightly controlled and monitored.

Adopting a Zero Trust and Least Privilege approach to identity security is essential for organizations seeking to minimize identity security risks. Identity Governance and Administration solutions such as Omada Identity Cloud provide the required least privilege approach while maintaining operational efficiency and alignment to user access controls mandated by regulatory frameworks such as SOX, GDPR and HIPPA. Zero Trust assumes that no user, whether inside or outside the organization, can be trusted by default, requiring continuous verification before granting access to resources. Coupling this with a Least Privilege model, where workers are granted only the minimum necessary access to perform their roles, helps prevent toxic combinations of access and unauthorized exposure to sensitive data. These strategies not only safeguard critical systems from cyber threats but also improve compliance with regulatory standards, ensuring that organizations remain secure and resilient in an increasingly hostile cyber landscape.
 
++
 
Ram Mohan, Chief Strategy Officer at Identity Digital

This Cybersecurity Awareness month, I would like to highlight the critical role domain registries play in securing the online ecosystem. They are the gateway to secure and trusted online experiences. Without reliable registries, the internet would lack the organization and accessibility needed for users to find information online.

Unfortunately, Domain Name System (DNS) abuse poses threats to the safety of this ecosystem, and can lead to significant harm, including identity theft and loss of trust. These threats can take the form of phishing, malware, pharming, botnets or spam. Worse, when used as a delivery mechanism, DNS abuse doesn’t just harm the individual targeted, it reduces confidence in a single, interoperable internet.

This is where registry services focused on protecting and securing the DNS come into play. Combating DNS abuse requires collaboration across various sectors. Whether it be registries and registrars, hosting providers, or online platforms, safeguarding the internet is a collective responsibility, and we must ensure that the internet is a secure and stable environment for creators, organizations, and businesses to connect with their audiences.

The good news is that organizations worldwide are starting to see the importance of DNS security. For example, emails are now secured using domain-based message authentication, reporting, and conformance (DMARC), a technology that has surged in use by 28% since 2020. With the advancement of Artificial Intelligence (AI), the distinction between good and bad actors is further blurred. Responsible organizations must collaborate and cooperate to ensure we stay ahead of the next set of threats to cybersecurity.
 
++
 
Kenny Johnston, Chief Product Officer, Instabug

Cybersecurity Awareness Month is an important reminder of the responsibility companies have to safeguard their operations, employees, customers and clients. Especially in the enterprise SaaS sector, ensuring your clients’ data is secure is of the utmost importance. Organizations both large and small depend on their service partners to maintain a secure line of access to their company’s data in order to utilize the breadth of that data to enhance their own business practices.

When that trust is broken, whether through an intentional attack on systems or an honest mistake or lapse in security protocols, it’s difficult to regain. It’s a financial and reputational imperative that SaaS providers reassess and constantly improve their data privacy and cyber protections to demonstrate to stakeholders that they can feel safe sharing their data. One way to build deeper trust, in addition to standard encryption practices, is to conduct regular third-party penetration tests against applications and APIs to validate and improve your organization’s security and privacy capabilities.

Cybersecurity as a constantly evolving necessity in the technology sector is a perfect example of the saying, “it’s about the journey, not the destination,” meaning that you should be viewing cybersecurity as a verb, not a noun.
 
++
 
Antonio Sanchez, Principal Cybersecurity Evangelist, Fortra

In the world we live in we cannot expect others to protect our personal privacy so we must take steps to protect ourselves. This year for Cyber Awareness Month I challenge everyone to do one new thing that helps protect their privacy and increase security of our digital interactions.

Here are some ideas to consider:
  • If you use the same password/passphrase for all your sites then start using a password manager and create unique passwords.  Start with just a few sites to get used to using it and then gradually add other sites with new passwords.
  • If you use a password manager then increase the number of characters and character types when generating a password.
  • If you have never used multi-factor authentication app then start using one.  Google Authenticator and Microsoft Authenticator are available for iOS and Android, they are free, and extremely popular so there are lots of resources and videos to help people get comfortable with using them.
  • If you have never used a shredder then purchase one and get into the habit of shredding mail or other documents with sensitive information you want to discard by shredding them.  This includes those copies of tax returns that are over 7 years old, those checks that come in the mail from your bank which can be used for balance transfers, and monthly bills.  
There are lots of other examples.  Just stop and think about anything that contains personal data and a step you can take to protect it.

And one other thing, make sure to freeze your credit reports with Experian, Equifax, and Transunion to prevent someone taking out a credit card or mortgage in your name.
 
++
 
Rocky Cole, Co-founder/COO of iVerify

As Cybersecurity Awareness Month unfolds, the often-overlooked risk to our mobile devices needs more attention. Mobile phones have become essential business tools, housing sensitive data and acting as gateways to both our professional and private lives. Yet, despite the growing sophistication of mobile threats– like the spread of mercenary spyware– many organizations still underestimate the importance of mobile security.

Too often, mobile devices are treated as secondary to other endpoints, leaving them vulnerable to threats like malware, phishing, and credential theft. The reality is that mobile security demands a more advanced approach– one that prioritizes both protection and privacy without invasive measures that compromise user trust.

As we raise awareness this month, let’s broaden the conversation around mobile security. These devices are key to the future of work, and leaving them unprotected is a risk no organization can afford. Prioritizing both security and privacy is essential in safeguarding our mobile-first world.
 
++
 
Patrick Sayler, Director of Social Engineering at NetSPI

The prevalence of social engineering attacks is a harrowing reminder that, unlike traditional techniques that threat actors use, these attacks target the weakest link in the security chain — your people. Phishing remains the leading cause of security incidents, accounting for 73% of breaches. What’s more, vishing attacks continue to evolve and become more complex as AI is increasingly used for voice cloning, deepfakes, and more.

This Cybersecurity Awareness Month, security leaders need to equip internal teams with the knowledge and processes to combat these threats in order to build a resilient - and proactive - defense strategy. By implementing social engineering pentesting, organizations can build a human firewall that is just as strong as their technical defenses. It’s not a matter of if, but when, your organization will become the victim of a social engineering attack. Don't wait for a breach like this to happen–be proactive and be prepared.
 
++
 
Tim Eades, CEO and Co-Founder at Anetac

In today's digital landscape, many security breaches stem from overlooked basic security practices rather than sophisticated attacks. This year’s Cybersecurity Awareness theme “Secure our World” reflects this oversight organizations often have. While advanced security tools are valuable, organizations benefit most when they prioritize fundamental practices including strong passwords, a password manager, multi-factor authentication, keeping software up to date.

The difference between a minor incident and a major breach often comes down to these basics. Our research indicates that 53% of organizations take over 13 weeks to rotate passwords—a gap that creates unnecessary vulnerabilities. As we innovate against emerging threats, we can't neglect the fundamentals. A modern identity security strategy must combine robust security hygiene with advanced tools for complete visibility into both human and machine identities.

By focusing on a balanced approach—combining sound security practices with advanced tools—organizations can significantly enhance their resilience against potential breaches. Remember: attackers will always choose the path of least resistance. Don't make it easy for them.
 
++
 
Doug Kersten, CISO, Appfire

Cybersecurity Awareness Month highlights the critical need to safeguard our digital environments, focusing on the growing challenges organizations face with technology policies—particularly Bring Your Own Device (BYOD), AI implementation, and regulatory compliance.

The shift from comprehensive BYOD solutions to a complex landscape of multiple solutions has left organizations vulnerable to threats from malicious actors and significant regulatory risks. AI is also reshaping how organizations manage BYOD and cloud transitions. As AI-driven technologies require robust cloud infrastructure, businesses must reevaluate their data security strategies and recognize that the responsibility for data security is increasingly shared with cloud vendors. This evolution not only changes data protection dynamics but also raises the stakes for compliance with emerging regulations.

To combat these risks, fostering a culture of security awareness is essential. Employees should be educated and empowered to report suspicious activities and discuss potential risks. By proactively addressing the challenges of BYOD, navigating regulatory complexities, and responsibly leveraging AI, organizations can enhance their cybersecurity posture and better protect sensitive information.
 
++
 
John Visneski, CISO, Sumo Logic
 
With countless breaches, existing software security issues and recent supply chain attacks, it’s simply not enough to be cyber aware for a month – it must remain a critical, year-round priority. To do so, organizations need to actively foster a culture focused on cybersecurity, and that starts with collaboration among internal teams and having the right tools in place.

The right tools should rely on a single source truth that security teams as well as developer and IT teams can all agree is an accurate data source and leverage AI and automation to benefit the user:
  • Look beyond your security tools to identify opportunities for collaboration. Observability tools used by engineering teams should sing off the same song sheet as security tools, like log data, to provide deeper visibility into the health and security of applications while promoting cross-team collaboration.
  • An ever-growing sea of solutions claiming to be AI-powered. “AI-washing” marketing tactics are real, so select tools that truly enhance threat detection and automation.
With the right tools, organizations strengthen cybersecurity and culture while reducing burnout.
 
##
Published Tuesday, October 08, 2024 6:30 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<October 2024>
SuMoTuWeThFrSa
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789