Joint dark green 3 FINAL

5 Ways to Maximize Cybersecurity Awareness Month

October 3, 2022

It’s time to turn the page on the calendar, and we are finally in October—the one month of the year when the spooky becomes reality. October is a unique juncture in the year as most companies are making the mad dash to year-end, and employees are starting to gear up for the next year, setting new goals and planning sales kickoffs. But for those in the cybersecurity field, October is that magical month where the spotlight turns to cybersecurity as we take part in Cybersecurity Awareness Month.

Celebrating Cybersecurity Awareness Month

This month is an opportunity to highlight the importance of cybersecurity awareness and how being security-savvy protects both the organization and employees. Cybersecurity Awareness Month is also an opportunity to leverage the marketing and corporate communications team to add their creativity and expertise to get the message out to your audience.

Finding the right activities to share the message can be difficult though, especially with remote teams. Here are some ideas from my past experience as CISO, and some of my plans for promoting cybersecurity awareness here at Abnormal.

  1. Underscore the Personal Value. Would-be scammers target people and businesses, so any advice should encompass both the personal and the company context. An employee that becomes a victim of identity theft or extortion is a distracted employee, and ultimately a potential risk to the organization. Teaching employees how to keep their kids safe online or fine-tune their social media accounts to protect their privacy can be beneficial, and my experience has been that employees are appreciative that we care about their personal safety. Plus, cybercriminals look at personal accounts to access professional ones, often hoping that people will use the same password across websites. Make it personal, and they’re more likely to participate.

  2. Make It Memorable. The impact of cybercrime can be sobering, but the best way for humans to retain information is by keeping it concise, memorable, and including humor. The most impactful training material consists of a few self-deprecating one-liners. Fun stickers that include slogans or reminders for employees to lock their screen or use complex passwords keeps the concept front and center as a ready reminder. You can send these out in early October as a way to celebrate the month.

  3. Keep It Fun. Gamification, competition, and giveaways get people involved deeper than making them watch boring role training videos. Using a game like BINGO or a scavenger hunt that forces employees to dig into the security documentation to find policies like the minimum password character requirement gets them beyond the quick skim. You can also use online quizzes or remote games like Kahoot to encourage participation. Rewarding participants with prizes like a year-long subscription for a password manager or a high-quality webcam cover will continue to reinforce good habits long after the month is over.

  4. Include Guest Speakers. Your employees may be tired of hearing the same information from your team, or from the training videos through your security awareness platform. Creating a Lunch and Learn event and inviting a guest speaker to attend is a fun way to engage your employees, and provides a new opportunity to reinforce the message. In the past, I’ve had members of the FBI speak, and security vendors are always willing to speak about security trends and how employees can protect themselves.

  5. Start a Year-Long Program. Use this opportunity to see which activities inspire the most awareness and participation, and use that information to create a year-long calendar. Continue to keep cybersecurity top of mind with new activities, which can be particularly helpful as new people join your team. Create a Cybersecurity Happy Hour or ask security professionals to speak at a Lunch and Learn once a month, or ask employees to spend 30 minutes each month on a quick activity to keep the momentum. This month is your opportunity to get people excited so they continue to think about cybersecurity throughout the rest of the year.

As has been the case for most of this year, October will fly by quickly, and everyone will move on from Cybersecurity Awareness Month. If you are responsible for your company's cybersecurity program, make sure you take full advantage of the momentum that October can bring to keep your employees engaged and cyber-focused throughout the year.

Continue to look for unique ways to interact and try to find fun, bite-sized ways to keep attention on protecting employees and the company. After all, cybercriminals are hard at work the entire year—and you should be too.

Abnormal would love to help you celebrate Cybersecurity Awareness Month! If you’re looking for a guest speaker to discuss business email compromise and other email attacks, contact us today.

Image

Prevent the Attacks That Matter Most

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

0
Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Posts

B 09 29 22 CISO Cybersecurity Awareness Month
October is here, which means Cybersecurity Awareness Month is officially in full swing! These five tips can help security leaders take full advantage of the month.
Read More
B Email Security Challenges Blog 09 26 22
Understanding common email security challenges caused by your legacy technology will help you determine the best solution to improve your security posture.
Read More
B 5 Crucial Tips
Retailers are a popular target for threat actors due to their wealth of customer data and availability of funds. Here are 5 cybersecurity tips to help retailers reduce their risk of attack.
Read More
B 3 Essential Elements
Legacy approaches to managing unwanted mail are neither practical nor scalable. Learn the 3 essential elements of modern, effective graymail management.
Read More
B Back to School
Discover how threat group Chiffon Herring leverages impersonation and spoofed email addresses to divert paychecks to mule accounts.
Read More
B 09 06 22 Rearchitecting a System Blog
We recently shared a look at how the Abnormal engineering team overhauled our Unwanted Mail service architecture to accommodate our rapid growth. Today, we’re diving into how the team migrated traffic to the new architecture—with zero downtime.
Read More
B Industry Leading CIS Os
Stay up to date on the latest cybersecurity trends, industry news, and best practices by following these 12 innovative and influential thought leaders on social media.
Read More
B Podcast Engineering 11 08 24 22
In episode 11 of Abnormal Engineering Stories, David Hagar, Director of Engineering and Abnormal Head of UK Engineering, continues his conversation with Zehan Wang, co-founder of Magic Pony.
Read More
B Overhauled Architecture Blog 08 29 22
As our customer base has expanded, so has the volume of emails our system processes. Here’s how we overcame scaling challenges with one service in particular.
Read More