National Cybersecurity Awareness Month (NCSAM) kicks off in October, marking its 17th year. This year’s theme of “Do Your Part. #BeCyberSmart” encourages organizations and people to be proactive in battling cyber attacks.
And again this year, Proofpoint is proud to support this national effort and provide tools and resources for organizations to leverage this event and improve their organization’s awareness and preparedness for cybersecurity challenges.
Since 2004, NCSAM has been gaining momentum. And this year, the challenges facing organizations are more profound than ever. Attackers continue to refine their attacks and dispersed workforces have diminished the effectiveness of safeguards that have hardened networks and protected users. And attackers continue their focus on users, hoping to trick and manipulate them into actions that will lead to unauthorized access of data and information resources.
Game Changer for Security Awareness Training
Is creating and executing a program for NCSAM really worth the effort? From several discussions with leading CISOs and security leaders, the answer is an emphatic yest. Many CISOs have reported that NCSAM was a seminal moment for their programs, in either launching new programs or bootstrapping programs that had been languishing.
First, CISOs have used the event to set the context for the organization. Many users do not understand their critical role in cybersecurity and may view security awareness training as an administrative ‘have-to’ task. NCSAM provides the opportunity to highlight how people are the primary target for attackers and with awareness, they can become security assets and actually help prevent attacks.
Second, CISOs have used the event to change the perception of security awareness training. By engaging users in informal and fun ways, learning becomes likable and entertaining. With contests, games and lunch and learns, CISOs can make security awareness fun.
Third, CISOs have used the event to highlight executive and management support for security awareness. Executives can communicate the important role of users in keeping the organization’s data, networks and applications safe. The endorsement of upper management helps users appreciate their critical and important roles in cybersecurity.
Finally, CISOs have used the event to highlight the need for continuous awareness. Many users are not aware of how rapidly cyber threats change and that awareness goals and timing will continually shift to meet these evolving threats.
Keys to Success
As with any program, planning is key to success. Get executive buy-in on the program and create messages from key executives to support the program throughout the month. Work with marketing on how to use vendor materials, get approval for the budget to support contests and promotional materials. Brief the IT team and key stakeholders in advance to get support. And most importantly, understand your threat landscape, communicate it to your users and focus on those topics.
You still have time to use NCSAM to impact your security awareness training program. They are numerous resources available for organizations to make participation in NCSAM easy. Proofpoint has developed a powerful set of materials to support your program. Our Proofpoint 2020 NCSAM materials have three kits that focus on the critical cybersecurity needs of organizations today:
- Phishing Awareness Kit: Most attacks originate from email, the No 1 threat vector, so we’ve assembled free training including a humorous video from our The Defence Works acquisition and awareness materials to help educate users on this critical topic.
- BEC Awareness Kit: Our threat research team sees criminals getting more sophisticated in how they target your people. New attacks like business email compromise may even appear completely legitimate to aware users—this free content helps users spot and avoid these crafty attacks.
- WFH Awareness Kit: There are many challenges to working from home—is your Wi-Fi safe? Should you be using a VPN? How do you keep data safe? We’ll help you educate your users on common working from home topics.
And Check Out Our Security Awareness Training Content
Want to see Proofpoint Security Awareness Training’s full Content Library? Download our content solution brief here.
Subscribe to the Proofpoint Blog