The 5 Best Ways to Celebrate Cyber Security Awareness Month

Whether you have just a couple employees, a couple hundred, or even a couple thousand – cyber security awareness month is the perfect time to emphasize the important role your employees and management team play in the security of the organization.

Cyber Security Awareness Month Isn’t Just for Big Business

The goal of National Cyber Security Awareness Month (NCSAM) is to promote security for all Americans.

Small and medium sized businesses often shy away from cybersecurity – they feel they aren’t a target or they don’t have the resources to invest in cyber awareness.  In contrast, big businesses are investing heavily in cybersecurity awareness. The’re putting significant importance on building a culture of awareness within the organization and making employees active participants in their cyber defense systems.

In an effort to promote security for all Americans (and businesses), Cyber Security Awareness Month provides resources to help everyone participate. The overarching theme for National Cyber Security Awareness Month is that ‘Cybersecurity is our shared responsibility and we all must work together to improve our Nation’s cybersecurity.’

Cyber Awareness for the Small and Medium Sized Business

SMBs like law firms, consultants, software companies, stores, etc. traditionally consider themselves safe from cyber attacks – either ‘too small’ or ‘have nothing of value.’.

However, as cyber crime continues to grow, big organizations continue to increase their defense, making it much more difficult to access their crown jewels.

Cyber criminals started turning to SMBs because they were easier to access, had valuable information of their own, or can even act as a Trojan horse and walk the cyber criminal into their big customers doors.

This has led to more interest in cyber awareness for SMBs, and requirements in cyber awareness training for customers and insurance providers.

The 5 Best Ways to Celebrate Cyber Security Awareness Month

Whether you have just a couple employees, a couple hundred, or even a couple thousand – cyber security awareness month is the perfect time to emphasize the important role your employees and management teams play in the security of the organization.

The goal of this article is to provide any sized business with any budget to participate in National Cyber Security Awareness Month.  After reading this article, you’ll be able to share the importance of cyber awareness with your organization, deploy an cyber awareness campaign, and build a culture of cybersecurity awareness.

 

Learn More about our Cyber Security Awareness Month Package – Training, Phishing, and Awareness Posters

  1. Have a Conversation

Have a conversation…and guess what?  It’s free. Start cyber security awareness month boosting awareness through conversations with key stakeholders in the leadership team, and then continue that conversation with your employees.

  • Conversations with Leadership – If you’re a business owner it’s likely that your leadership team doesn’t fully comprehend how they might be targeted by employees, and how their employees may be targeted so it’s important to let them know.  If you’re an IT leader in a business, it’s likely that ownership team and other leaders do not have a full grasp on cybersecurity, and they will appreciate an overview of the risks to the organization and themselves.
  • Conversations with Employees – Employees are the biggest threat to an organization’s security, but most organizations do not make cyber security awareness a priority for employees.  It is vital to share the risks, best practices, and policies that are important to follow.

Having a conversation is free, and it’s the best place to start.

Resources: The Cybersecurity Conversation You Should Be Having With Employees

  1. Simulate Phishing Attacks

Phishing has become a household name, even for those outside of information technology because it proliferated over the past decade. Phishing is the most well known attack on employees and one of the hottest topics for good reason – cyber attacks often start with a phishing attack.  It’s much easier for a bad guy to mimic an Amazon website that asks for your login credentials and then use those to walk into your network, than it is to brute force into it.

phishing
wuvavi.com

There are a few ways to address the increasing risk of phishing emails.  First, educate your employees on what they are and the risks to the company and themselves (maybe during that conversation you’re going to have from Step 1).  I’ve linked a SlideShare with a few examples of phishing emails that you can easily send to employees or put into a presentation. Second, you can simulate phishing attacks on your employees to show them the threat and teach them how to recognize phishing emails.  There are several tools available for doing this including open source, but we offer a really simple platform for simulating phishing attacks. It takes about 2 minutes – just add your employees email addresses, choose a phishing email from our library, and hit send.  We’ll then simulate the attack on employees, and anyone that fails will immediately receive training on how to recognize that the email was fake. You’ll receive a report of employees that were successful (did not fall for the email) or unsuccessful (opened and clicked a link).  We recommend running at least quarterly phishing campaigns to keep awareness front of mind all year, and to help build a culture of cyber awareness.

Resources:

6 Examples of Phishing And How to Identify Them

Dissecting the Shame Scamming Phishing Email Claiming They’ve Recorded You Watching Porn

  1. Deploy a Cyber Awareness Training Program

IBM found that 95% of all security incidents involve human error.  Human error includes employees clicking on phishing links, writing their password on a sticky note or saving it on their computer, or even sharing too much on social media.

Cyber awareness training aims to teach employees about cyber risk, how to identify potential threats, and best practices to mitigate and report those threats.  That’s actually how we started our company, Wuvavi.

We were running IT for an SMB that was closing a big sales deal – it would be the biggest deal in their history with a large Fortune 500 company.  The potential customer had them complete a risk assessment that they ask all potential vendors to complete. One of the questions was, “Do you have an annual cybersecurity awareness training program for employees?”

Wuvavi Employee Awareness Free Trial
Wuvavi Employee Awareness

We went in search of a solution with pretty much a blank check, but we couldn’t find someone to solve the problem for us.  The few vendors providing cyber awareness training were only focused on big business, so they asked us to commit it large, multi-year contracts that just didn’t make sense for our business of about 50 people.  Like any good startup, we set off to disrupt that unfriendly, antiquated model with an employee cybersecurity awareness platform that any SMB could afford and benefit from deploying in their organization. You can check it out for free, no credit card required.

Resources:

Information Security Training for Employees

Cyber Awareness – Why, When, and How To

  1. Cyber Awareness Posters and Screensavers

Cyber awareness is not an event.  It’s a process. That’s why the previous three steps talk about ongoing awareness campaigns – ongoing phishing, annual training, and making cybersecurity a point of conversation in team meetings throughout the year.

Cyber Awareness posters and screensavers are a great tool to incorporate in that process.  Using rotating screensavers and awareness posters throughout the office makes sure that employees see the importance that the company places on cybersecurity, keeps it front of mind, and continues to build on the culture of cyber awareness that you are creating.  

Awareness Posters and Screensavers

In honor of cyber security awareness month, our 14 day awareness platform includes 5 free awareness poster and screen saver designs that you can use in your office.  If you make a purchase by the end of October we’ll brand these designs with your logo at no additional cost to you.

Resources:

Receive 5 Free Cyber Security Awareness Posters and Screensaver Designs

Cyber Security Awareness Month Package – 14 Day Free Trial

  1. Review Your Acceptable Use Policy

An acceptable use policy creates the guidelines and rules that employees, contractors, and office guests must follow for using company devices and the company network.

Much like awareness training, the Acceptable Use Policy educates your employees on the specific rules that they must follow to work with company technology.  Perhaps even more important, the Acceptable Use Policy prevents/minimizes legal ramifications that may be caused by an employee using the companies network for unapproved activity.

AUPs should be regularly reviewed to keep up with changing technology, changing policy, and changing employees.  Make a review of your AUP part of celebrating cyber security awareness month.

If you don’t have an Acceptable Use Policy, or you’d like a third party review, we offer an AUP Review service and AUP Creation service.  It’s a simple process – in both scenarios we schedule an introduction with the team to learn about existing policies (written or understood), compare to current standards and future goals of your company, and provide guidance.  A typical AUP review can be completed in a couple days after our scheduled meeting.

Remember that once you review and update the AUP, have your employees review and sign it – preferably during onboarding and acknowledgment annually

Resources:

3 Steps to Cyber Awareness in an SMB

Plan For Cyber Security Awareness Month Now

NCSAM runs through the month of October.  Planning now will ensure a smooth and successful celebration of the month, increase awareness in your organization, and begin the process of creating an ongoing culture of cyber security.  Remember, these are the 5 best ways to celebrate cyber security awareness month.

  1. Plan A Conversation
  2. Simulate Phishing Attacks
  3. Deploy an Employee Awareness Training Program
  4. Push Cyber Awareness Posters and Screensavers
  5. Review Your Acceptable Use Policy

Deploy an Awareness Training Program in Minutes

You can build your own cyber awareness training program, or use an out of the box solution.  Wuvavi is an enterprise grade employee cybersercurity platform designed for small and medium sized businesses.  Wuvavi allows companies from a single employee, to hundreds, to thousands to sign up and deploy a cybersecurity awareness training and phishing program in minutes.  You can try it out at no cost with a 14 day free trial (no credit card required).

You can start today with a simulated phishing attack for a baseline score for your employees.  Then, schedule awareness training in the first week of October to kick off cyber security awareness month.  Next, schedule quarterly phishing attacks to watch how employees improve and create a continuous culture of cyber security awareness.  We’re straight forward with our pricing which you can find here, and a free trial here.

awareness month cybersecurity awareness phishing training