Cybersecurity Awareness Month: Tips to Supercharge Your Security Operations Practice
October is Cybersecurity Awareness Month, a time when businesses, individuals, and organizations come together to improve their cyber resilience. One of the most crucial areas of focus is security awareness and training—ensuring every employee understands their role in defending against cyber threats (and sneaky anomalies).
In the SOC Unlocked podcast, we explore the latest trends and tactics with cybersecurity experts, sharing practical insights to help organizations boost their security. Here are some key takeaways from the series on how targeted awareness and training programs can strengthen your security posture.
1. Human Error Happens—Stay Vigilant to Prevent Security Breaches
A recent guest on SOC Unlocked was Eric Zielinski, Head of Application Security and Cloud Security Engineering at Options Clearing Corporation. In his episode, Eric highlighted the significant role human error often plays in cybersecurity breaches:
"It's a matter of time before human error just takes over."
Misconfigurations, forgotten processes, and accidental data exposure remain major vulnerabilities. This reinforces the need for continuous training and awareness to mitigate human error.
2. Prioritize Regularly Updated Security Awareness Training
In his episode of the podcast, Anthony Coggins, Director of Information Security at Acrisure, highlighted the critical need for keeping security awareness training regularly updated:
“Security awareness training is important... but how do you attain that meaningful awareness of the human firewall aspect?”
Organizations must create dynamic, engaging, and ongoing training programs that address current threats, such as deepfakes and multi-factor authentication (MFA) bypass attacks. Simply checking the box on training is not enough.
3. Strengthen Defenses with Offensive Cyber Tactics
Dave Kennedy, Founder & Chief Hacking Officer of TrustedSec and Binary Defense, spoke to SOC Unlocked about the critical role that understanding offensive techniques plays in developing robust cybersecurity defenses:
"By understanding the offense, you have a much clearer picture about the best way to defend against the attackers... you can't defend something you don't understand."
Training in offensive tactics, such as penetration testing and red teaming, helps organizations recognize vulnerabilities more effectively. Cybersecurity professionals who understand how attackers operate are better equipped to identify suspicious activities and respond effectively, making this an essential aspect of any awareness program.
4. Use Behavioral Analytics to Detect and Respond to Emerging Threats
Kennedy also addressed the importance of behavioral analytics in identifying potential threats, especially when traditional tools may overlook subtle signs:
“What we will fix is hopefully more simplistic ways of looking at complex data that will allow us to be more refined in responding to threats versus the noise.”
This emphasizes the need for awareness programs that train employees to recognize deviations from normal behavior. Shifting to anomaly detection over signature-based methods is key in modern security, making continuous learning a priority for all staff.
5. Reduce Alert Fatigue by Focusing on Comprehensive Threat Intel
In the premiere episode of SOC Unlocked, Managing Partner of InfoSec Innovations Mick Douglas highlighted the issue of alert fatigue, where overwhelmed security teams struggle with the volume of alerts, which can lead to missed incidents:
“Post-alert enrichment where the SOAR [Security Orchestration, Automation, and Response] will go in, do some additional queries, validate to the extent that it can, and then instead of having just a dumb alert, you have a portfolio of why we think this thing is bad.”
Awareness programs that incorporate automation and contextual enrichment can improve security operations by reducing alert fatigue. By focusing on real threats, security teams can respond more efficiently and avoid burnout.
6. Boost SOC Efficiency with Smart Automation
SOC Unlocked guest Joe Morrissey, who serves as an Incident Commander & Director of Threat Response at a Fortune 100 Financial Services Company, also spoke about the importance of automation as a supplement to human expertise, not a replacement. He pointed out:
"Automation is important, but we can’t automate everything... context still matters."
While automation helps manage alerts and repetitive tasks, human oversight is still essential. Awareness programs should focus on balancing automation with human judgment to ensure effective decision-making.
7. Don’t Neglect Your Internal Security Practices
Jeremy Ventura, Field CISO at Myriad360, shared a real-world example where an insider threat caused significant damage due to a lack of attention to internal security measures:
“They had a blind spot. And that blind spot was, what is actually going on internally within my network? What happens if I have a disgruntled employee?”
Clearly, awareness training must go beyond defending against external threats to include the risks of insider threats. Educating employees on monitoring internal behaviors, managing access control, and automating onboarding and offboarding processes is critical to minimizing these risks.
8. Develop Soft Skills to Improve Cross-Departmental Collaboration
Joe Morrissey emphasized the importance of soft skills, like communication and cross-departmental collaboration, as essential components of cybersecurity:
"Cybersecurity is a team sport... It’s about asking questions, communicating well, and working together."
While technical skills are crucial, the ability to communicate complex issues, share insights across teams, and collaborate efficiently can often be the difference between stopping a cyberattack and letting it slip through the cracks. Cybersecurity awareness programs should also focus on developing these interpersonal skills, as working effectively with colleagues, across departments, and even externally with vendors or partners is essential for a well-rounded security posture.
9. Align Security Efforts with Business Objectives
Jeremy Ventura also highlighted the need for aligning security with business objectives:
“Cybersecurity is not a technical issue. It is a business issue, a business risk, and the board needs to understand that as well.”
Cybersecurity awareness should extend beyond the IT department. Leadership must understand how cybersecurity risks affect business operations, emphasizing the need for awareness at all levels. Clear communication ensures that everyone in an organization, from IT staff to C-suite executives, understands the potential risks and necessary actions to mitigate them.
Cybersecurity Awareness is an Ongoing Effort
As we've heard from the expert guests on SOC Unlocked, cybersecurity awareness is far from a one-time initiative. It requires ongoing training, adapting to new and emerging threats, and reinforcing IT fundamentals. Building a culture of vigilance is critical—whether it involves developing soft skills, leveraging automation, or addressing internal risks.
At the end of the day, awareness is what keeps organizations resilient in the face of constantly evolving risks. And an AI-powered solution like Abnormal can supplement these efforts by adding an extra layer of protection, helping organizations detect and stop threats more efficiently. By combining a well-rounded awareness program with the right security solutions, companies can stay better prepared for whatever comes next.