’16Chris Zachar—Senior Consultant • 9/21/20
It is time to be #CyberAware! As IT Security professionals gird themselves for the busiest time of the year (commonly known as “Phishing Season”), the Department of Homeland Security will launch National Cyber Security Awareness Month (NCSAM). NCSAM was designed to educate the public and private sectors about cyber security and offers a wealth of resources to make the job easier. A highlighted goal of the campaign is to “increase the resiliency of the Nation in the event of a cyber incident.”
It is not too late to use National Cyber Security Awareness Month as a tool to increase awareness within your organization. You can use the resources on the NCSAM web site to create a simple campaign that will increase awareness for your users.
- Send a weekly email that highlights the NCSAM 2016 Weekly Themes. The NCSAM Theme Sheet provides a quick summary of each week’s topics.
- Place an article on your organization’s intranet. The articles could occur on a weekly basis, following the NCSAM themes. If you don’t have the resources for a weekly article, consider placing at least one during the month.
- Personalize tips so they are of value to users on a personal, as well as professional, level. Users who practice security awareness at home are more likely do to so at work.
- Run mock phishing campaigns and offer rewards to increase participation. Rewards can be on the individual and/or department level. Offer certificates, security level badges, or pizza parties for those who report the most suspicious emails through your Incident Response Protocol, click the least on your mock phish, or who identify the mock phish.
- Have a senior manager of your organization send an email to all users about the importance of cyber security awareness to your organization. Use this email as an opportunity to review policies and protocols within your organization.
If you haven’t been using National Cyber Security Awareness Month as an opportunity to educate your users, don’t forget to put a reminder on your calendar for next year. Allowing yourself time to plan and obtain approvals will allow you to get the most benefit from this annual national initiative.
PhishLine and our trusted partners offer a wide variety of educational materials, including videos, risk assessments, coordinated email templates and landing pages, newsletters, posters, and other display materials, that can be used to train and test your users on security awareness. Our consultants are here help you prepare your organization on the human level for the attacks that willbe coming during “Phishing Season” and beyond. To learn more, Contact Us.