As Cybersecurity Awareness Month 2024 comes to a close, here’s a brief recap of all that was shared this month. Hopefully, you put the handouts to good use by sharing them with staff and placing them in easy to see locations for anyone and everyone to read. If not, no worries – they are included below and are applicable during any month, not only Cybersecurity Awareness Month!

Using strong passwords and a password manager

Week one covered password security and included important security steps that are designed to help enhance your cyber defenses. The ease at which an attacker can crack an insecure password acts as a strong reminder for proper password security and the use of a password manager. A few takeaways from week one include:

• Create a passphrase which is more easily remembered and more difficult to crack.
• Longer passwords are stronger.
• Don’t reuse passwords/passphrases across multiple sites and services.
• Don’t use common words and expected substitutions.

Using multifactor authentication (MFA)

Week two covered the importance of using multifactor authentication (MFA). MFA makes it difficult for attackers to access your online accounts, even if they know your password. Taking the extra step beyond just a password can protect your business, online purchases, bank accounts, and even your identity from potential attackers. According to Microsoft, implementing MFA can make you 99% less likely to get “hacked.”

Recognize and Report Phishing

The notorious topic of phishing was covered in week three. While it’s often not practical to keep abreast of all the changing phishing tactics, one thing is always constant – attackers try to elicit a hasty response based on emotion. Fear, urgency, doubt, and curiosity are some of the most common emotions leveraged to pressure us into falling for a phish and the highest volume of themes designed to elicit those emotions are finances, notifications, shipping, and responses.

Update Software

Week four finished out the month with the reminder to regularly implement security updates. Security updates are the best way to keep our devices protected from cyber threats. While organizations usually update workplace-owned devices, it’s up to each of us to keep our personal electronic devices (PC’s, laptops, mobile, home networking, Internet-of-things, applications, etc.) current with the latest “patches.” Even though phishing has become one of the primary cyber threats, malicious actors still seek to exploit technical vulnerabilities – including old vulnerabilities that have been around for years.

Thank you for participating in the 2024 Cybersecurity Awareness Month! We hope you found value in these one-page reminders and refreshers and shared them with your staff. Everyone has a responsibility to do their part in securing our interconnected world. Implementing stronger security practices, raising community awareness, educating vulnerable audiences, and training employees all contribute to a safer online world for everyone.

Access all four handouts below.