October 02, 2014

National Cyber Security Awareness Month: Here’s How to Improve Information Security

October is National Cyber Security Awareness Month (NCSAM) and raising the awareness of cyber security has never been more critical.

In fact, the Department of Homeland Security says cyber security has become one of the most important national security priorities.

Homeland Security is a sponsor of NCSAM in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center.

The goal of the 11th annual NCSAM is to engage with public and private sectors and to educate everyone on ways to better protect their computers, mobile devices, networks, data, and private information from unauthorized network attacks or intrusion.

The worldwide web of computers, data and websites is now an integral part of day-to-day life – from banking, shopping and keeping in touch to business conferencing, inventory control, and sales. But being constantly connected increases the risk of fraud, identity theft, and other crimes with finances, identity, and privacy all at stake.

In the workplace specifically, Ponemon's Cost of a Data Breach estimates that data breaches cost U.S. organizations an average of $5.4 million.

But the 2014 Annual Shred-it Security Tracker shows that information security is still a declining priority among American businesses.

At the same time, research by HR Professionals shows that 76% of network intrusions exploited weak or stolen credentials – strict information security policies would reduce this easily preventable risk.

NCSAM is a great resource and champion of proactive strategies with initiatives and events scheduled throughout the month. Here are ways for businesses to get involved and to better safeguard private information in the workplace:

  • Support the ‘STOP. THINK. CONNECT.’ Campaign, which promotes national cyber security awareness by sharing the risks of using the internet and emphasizing cyber security.
  • Create an email campaign about NCSAM and send it to employees, clients, and business contacts.
  • Hold an information security event such as a lunch and learn for employees to cover acceptable online policies.
  • Work with IT staff to host employee training on cyber security.
  • Improve IT protection with extra layers of security such as 2-factor authentication on email and online accounts.
  • Review and update Internet security policies regularly to ensure that they cover current threats and best practices. This security audit helps check document security in the workplace. 
  • Provide comprehensive guidelines on the workplace trends, BYOD or bring your own device, or CYOD or choose your own device.
  • Emphasize the importance of document management best practices from storage to disposal. E-media and hard drive destruction is important too. 

Here are other ways to improve information security in the workplace.