October is Cybersecurity Awareness Month, and this year is particularly special as we mark the 20th anniversary.
Since 2003, the National Cyber Security Alliance has teamed up with the government and private industries to increase cybersecurity awareness in a bid to help users prevent cyber attacks.
This year's theme is "Secure Our World", as it aims to promote cybersecurity tips and best practices that are not restricted to October but can be followed throughout the year.
In this blog, we’ll take a closer look at some of the significant data breaches from the past year, and review the NCSA’s recommended best practices for cybersecurity going forward.
Let’s get into it!
In August, a monumental data breach occurred when sensitive information, of nearly 10,000 PSNI staff, was exposed online for three hours.
This breach highlighted the importance for ongoing employee training and awareness initiatives, especially in large organisations where attacks can have a long tail and substantial impact.
June 2023 witnessed a widespread data breach affecting over 100 organisations. The Clop ransomware gang constructed the breach.
This incident has reminded us of how important it is to implement strong cybersecurity measures. This includes proactive security measures, keeping your security up to date, and having an incident response and reporting plan to respond to incidents like this.
During the year, thousands of NHS patients' data leaked due to a phishing attack.
The attacker accessed an employee's email account containing confidential patient information, highlighting the risks of phishing.
This stressed the importance of thorough employee training and regular security policy reviews.
In February, Pepsi experienced a data breach from a malware attack on its payroll systems.
This breach exposed employee data, including names and social security numbers, stressing the need for continuous software monitoring and updates.
These 2023 data breaches provide a reminder of the significance of cybersecurity awareness and the best practices to follow to protect sensitive information.
We have all encountered a friend or colleague with a password that ends in the infamous "123."
These kinds of passwords, while easy to remember, are also the first ones potential hackers might guess.
It's no secret that they provide little protection.
Three tips to strengthen your password security:
However, remembering unique and complex passwords for every service can be tricky, which is why using a secure password manager is recommended.
A password manager can safely store all your passwords with the only requirement of remembering one password.
Multi-Factor authentication (MFA) is like an extra lock for your digital doors, available to all and strongly recommended. If someone somehow guesses your password, MFA acts as a second line of defence.
Even with your password, they can't access your information without your active involvement. Users should set up MFA in a way that requires a secondary code sent to another device when a password is entered.
This extra step helps to verify your identity.
Phishing attacks are a growing problem and have evolved significantly over the last 20 years, becoming increasingly sophisticated.
This Cyber Awareness Month aims to educate users on how to spot and report phishing attacks before any consequences occur.
Telltale signs of phishing:
By following these simple steps, you can play a crucial role in staying safe from phishing attempts and keeping your information secure.
Although that "new update available - click now" button might sometimes seem inconvenient, skipping these updates can leave you open to attacks.
Updates fix problems and patch security holes, preventing hackers easy access.
At Bob’s Business, we know that raising employee awareness is a year-round process!
That's why we offer uniquely engaging training courses to enhance your security and truly effective phishing simulations for organisations of all sizes.
In addition, this Cybersecurity Awareness Month, we have created a free Cybersecurity Awareness Month Pack, especially for your organisation.
This pack will provide you with the resources to enhance your security, including checklists, email templates, and password guides! Interact with the bot below 👇