This October marks the nation’s 19th cybersecurity awareness month. This year’s theme, See Yourself in Cyber, puts the focus squarely on people. In both our private and professional lives, we all have a role to play in protecting ourselves, our communities and our country from cybercrime.
Personal Cyber Hygiene
While technology is a central component of any cyber defense, the vast majority of security breaches involve a human factor. Whether you’re an employee logging into work remotely, an executive checking your email or a consumer shopping on your phone, remember to always practice proper cyber hygiene. This includes both following basic security best practices, such using multi-factor authentication and watching out for phishing attempts, and promoting cyber safety among your colleagues and family members.
The Cybersecurity and Infrastructure Security Agency (CISA) offers free cybersecurity training you can take to improve your cyber awareness or strengthen your skillset as a security professional.
Training and Supporting Cyber Defenders
Many security teams on the frontlines are facing a critical talent shortage, leading to high levels of burnout that are leaving us all more vulnerable. There are several measures that security leaders can take to support their teams:
- Diversify security teams by removing unnecessary job requirements, such as a four-year degree in a specific field, and prioritizing soft skills over years of experience.
- Invest in workforce development to cultivate talent among current staff.
- Effectively communicate resource needs to executive leadership by aligning security operations with business priorities.
Security employers and professionals can leverage NIST’s NICE workforce development framework to help bridge gaps between cybersecurity job descriptions and the requisite skills for performing those roles.
A Common Defense
The White House has called upon the private sector to contribute to the national cyber defense, declaring that “the federal government can’t meet this challenge alone.” Organizations can be part of the solution by proactively reducing cyber risk, building resiliency and sharing information. Ensuring you aren’t engaging in any of CISA’s bad practices is a great place for your organization to start.
MBL Technologies can help you take the next step toward building a mature security program. We offer comprehensive cybersecurity services, including security control assessments, personnel training and vulnerability management. Contact us today to learn more!