Pumpkin-Spiced Cybersecurity: October Is National Cyber Security Awareness Month


Fall is officially here, which means the return of delicious Oktoberfest beer, Halloween costume preparations, and pumpkin-spice everything. It also means that National Cyber Security Awareness Month is almost here.

October is National Cyber Security Awareness Month, which is “designed to engage and educate public and private sector partners through events and initiatives to raise awareness about the importance of cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident,” according to the Department of Homeland Security. 

Cyberattacks, including global ransomware attacks, massive data breaches, and distributed denial-of-service attacks have recently dominated the headlines, saturating consumers’ news intake with stories about cybersecurity threats. These repeated reminders of the cybersecurity boogie man, ways to protect personally identifiable information, and advertisements for products to fight hackers, can lead to security fatigue, which in turn may lead to risky computing behavior.

“Companies need to realize that security fatigue is a real thing,” Matt Rose, global director of application security strategy at Checkmarx Ltd. in Charlotte, N.C. told Bloomberg BNA Sept. 27. “Things like text verification, captcha, finger print recognition, and strong passwords may actually introduce more of a security risk as the company now has more data points on a customer in order to verify they are who they are,” he said. 

“Rather than combating or alleviating security fatigue, organizations should focus on how to take the security burden off of employees as much as possible,” Guy Peer, vice president of research and development and co-founder at Dyadic Security in Tel Aviv, told Bloomberg BNA Sept. 27. 

According to Rose, a “rock solid” network security program is much more effective than pushing identity verification on users or employees. If identity verification measures have to be in place, Peer suggested using biometrics. “It's important to make security as effortless as it can be. Rather than having employees change their passwords every few months, organizations can use biometrics,” he said.

In addition to efforts by companies to improve cybersecurity measures, there are specific steps that consumers can take to help the process. For example, the National Cyber Security Alliance has a tip sheet listing some basic cybersecurity advice for “all digital citizens.” Some of the tips include using authentication tools, updating software and operating systems, backing up your computer, and avoiding any suspicious links.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.