It’s October, and that means it is Cybersecurity Awareness Month. Sponsored by the Department of Homeland Security, this is the 10th anniversary of this awareness month, and I don’t think we’ve ever needed it more. Since Cybersecurity Awareness Month 2013, we’ve seen an unprecedented number of high-profile attacks and vulnerabilities, from Target to JP Morgan Chase, from Heartbleed to Shellshock. For the first time ever, both businesses and consumers are aware of just how devastating a cybersecurity failure can be. Or, at the very least, people are thinking about cybersecurity more than ever.
Whether or not they are doing anything to practice better security habits is a different story. A new survey sponsored by the Digital Citizens Alliance and Blackfin Security found that most users are doing anything but practicing good security. It found that more than a third will follow strangers on social media or use public Wi-Fi that doesn’t require a password to connect; nearly two-thirds do little to vet the apps, movies and games they download, which can lead to installing malware; and nearly a quarter of respondents had no idea what multi-factor authentication was (another 16 percent said using it is too much of a burden).
In an official statement, Adam Benson, deputy executive director of the Digital Citizens Alliance, said:
The hackings of Home Depot, Target, and other large retailers may be lulling Americans into thinking that it's big corporations that are rogue operators' prime targets, but that's a mistake. Hackers want personal data - credit card numbers, passwords, Social Security numbers. They'll look for open windows - and the online behavior we see reflected in this survey tells us that millions of Americans are leaving the windows open, the doors unlocked, and even giving some hackers the key to get in.
Sloppy personal security habits have an effect on business security. Even when companies don’t have an official BYOD policy in place, employees are connecting their personal devices to the network.
Companies aren’t helping consumers practice better cybersecurity, either. According to a Trend Micro blog, enterprise tends to be more focused on convenience and user-friendly applications than security.
In honor of Cybersecurity Awareness Month, Digital Citizens Alliance is offering a quiz to test your own personal threat assessment. And for those who still struggle with knowing the difference between a legitimate email and a phishing email (and it is getting more difficult to do), PhishMe has provided a list of handy tips to spot a phish.
I’d like to think that most of us are cybersecurity-aware by now. As the past 12 months have shown us, however, it is time to put that awareness to use.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba