As echoed frequently within the ranks of the military: “Proper Planning and Practice Prevents Piss Poor Performance.” While this truism is most often utilized to whip our nation’s first line of defense into fighting shape, it’s a credo that our cybersecurity community would do well to heed — especially given the fact that the space cybersecurity occupies in the minds of the general populace, while growing, is yet nascent at best.
Flashback to 2004 and the genesis of National Cybersecurity Awareness Month (NCSAM), an initiative created to raise awareness in the U.S. around the importance of cybersecurity. Founded by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance, NCSAM has taken place each October, since its mid-aughts inception, in efforts to ensure all Americans have knowledge of the resources and tools they need to be safer and more secure online.
So, why am I referencing the NCSAM when it’s still a full month out? Well, it goes back to that famous military mantra, championing preparedness. The last place one wants to receive low marks, especially in today’s increasingly digital and hyperconnected environment, is in cybersecurity. It’s imperative that our community works collectively to develop and advance clear, concise and actionable messaging that not only raises awareness around cybersecurity but promotes manageable tactics and best practices for its adoption. After all, as my Latin professor was quick to remind — “praemonitus, praemunitus” — “forewarned is forearmed.”
To that end, this year’s NCSAM is dividing up each week in October into different focal themes. Week 1 of which is: “If You Connect It, Protect It.” Here, the effort is to emphasize that all personal devices connected to the internet are potentially vulnerable to attacks. As the popularity of BYOD and the IoT continue to grow, it’s imperative that organizations have a comprehensive, secure program in place that maximizes both user productivity and satisfaction while cutting costs and facilitating business continuity securely.
Week 2 is a logical extension of Week 1, focused on “Securing Devices at Home and Work.” As millions of us have grown accustomed to and continue working from home, this delineation between work and home has become increasingly porous. Suffice it to say, devices — no matter the environment in which they are situated — must be secure without any performance trade-offs. Enter robust solutions like continuous authentication and unified endpoint security that leverage artificial intelligence, machine learning and automation to provide next-generation cyber threat prevention across all devices — anytime, anywhere.
And because we’re still in the midst of a global pandemic, Week 3 wisely adopts a narrower focus: “Securing Internet-Connected Devices in Healthcare.” With cybercriminals targeting health files, insurance data and medical devices, it’s critical that the healthcare industry adopts AI-driven technology to help their IT staff secure sensitive information, protect against vulnerabilities and prevent future attacks. This is even more important given the rise of telemedicine, healthcare IoT and the use of contact-tracing apps in efforts to mitigate the current pandemic. Historically, these challenges have posed more of a privacy concern in the minds of many people, which only serves to highlight the importance of an integral, symbiotic relationship between privacy and security. Perfecting healthcare cybersecurity will ultimately allay the privacy concerns of patients while improving overall patient care.
Lastly, NCSAM 2020 wraps up with Week 4 focused on “The Future of Connected Devices.” That future is one that must be fortified with a Zero Trust, Zero Touch security model — one where no user, system, or device is automatically trusted within a network. This advanced level of precaution results in an all-around seamless and more secure environment and is something I touched upon, in-depth, in a recent column.
Consider this brief missive, then, as your starting signal — a blueprint for preparing strong, resonant messaging next month in the advancement of our collective awareness of ever-evolving cybersecurity knowledge, skills and abilities.