
Leveraging National Cybersecurity Awareness Month to Reduce Insider Threats

By Dr. Christine Izuakor

October is a month that generates much buzz amongst the cybersecurity community. It’s National Cybersecurity Awareness Month (NCSAM) – a time when security professionals work around the clock to raise awareness of growing cyber risks amongst general user communities.

This is especially important in an era where human-related cyber threats are at an all-time high. From intentionally malicious insiders to unmindful employees prone to accidents, these threats can have significant consequences for companies of all sizes. Ongoing high-profile breaches have brought the issue of insider threats into the spotlight. For example, last year, social media giant Twitter fell victim to an unintentional breach caused by an unsuspecting insider. In this case, cyber attackers took advantage of the recent shift to remote work to conduct one of the most prominent hacks of the year. After impersonating Twitter information technology staff, the attackers convinced employees to share their account details. The culprits then used this information to log into users’ accounts and change the credentials of several high-profile accounts, including those of presidents, government officials, and celebrities.

Needless to say, employees and contractors can sometimes pose the greatest risks to an organization. Many professionals in the cybersecurity space even argue that insider threats are more concerning than external cyber threats. All of this is a stark reminder that in the hybrid work reality that most companies operate in today, educating employees on cybersecurity best practices is critical to reducing insider threats.

That’s the main value that a robust NCSAM program can bring to organizations of all sizes.

What is National Cybersecurity Awareness Month (NCSAM)?

NCSAM was formed by the National Cyber Security Alliance and the U.S. Department of Homeland Security in October 2004 to help people become safer and more secure in the digital world. When the month first launched, most educational efforts were geared towards basic advice like updating anti-virus software and using strong passwords. Though these will likely always remain relevant topics, today the advice has evolved to focus on what most businesses still struggle with – human and insider-related threats. This includes popular social engineering techniques used by common criminals to infiltrate companies.

Human-Enabled Threats That Are a Match for NCSAM

Though a robust NCSAM plan won’t solve every cyber challenge in an organization, there are some key risks that are well worth emphasizing during the month. Any risk topic where human beings can make a difference is a good candidate for NCSAM. A few examples include the following:

  • Ransomware is a form of malware that locks down your information and demands a ransom payment for its release. To combat this common threat, use the power of National Cybersecurity Awareness Month to get your employees educated on what ransomware is, how it’s introduced to organizations, and the role they can play to avoid attacks.
  • Phishing, Vishing, and Smishing are all types of attacks that collectively have been called ‘social engineering.’ These tactics target employees by impersonating a familiar person or brand in an effort to access confidential information. NCSAM can be used to educate employees on this topic.
  • Other forms of social engineering include USB attacks. Similar to phishing, which involves tricking a user into taking risky actions, these attacks trick unsuspecting users into plugging in rogue USB sticks that can introduce malware to the users’ devices. Teach employees to avoid plugging in unfamiliar USB sticks.
  • Password Hygiene, or lack thereof, is a common culprit in breaching the security of entities. Education in this space helps employees know not to use weak passwords and not to share passwords with anyone.
  • Wi-Fi Insecurity, especially during travel and remote work, can introduce grave risks to an organization. Teaching employees to leverage secure networks/VPNs and avoid public Wi-Fi is a great tip to focus on.
  • Home Office Security Hygiene will remain a critical element of education for current and future workforces. As more people opt to extend work-from-home set-ups, the security of the home office should be a key NCSAM point of focus in 2021 and beyond.

Today, the security landscape that employees are operating in is much different than anything seen in the past. Countless new threats, like the ransomware variants that keep surfacing, are targeting vulnerabilities in network infrastructure, endpoint devices, supply chains, mobile devices, and human beings. Awareness month can act as a key resource to mitigate these threats.

Ten Tips for an Effective National Cybersecurity Awareness Month

National Cybersecurity Awareness Month campaigns are critical initiatives that have helped strengthen organizational cybersecurity by raising awareness about the importance of staying informed on the latest cyber threats. But not all months are created equal. It’s not enough to send out a communication or post a blog. One-time communications seldom leave a lasting impact on employees. An effective NCSAM plan requires a strategic approach and a robust plan that covers key elements unique to the hosting organization and extends throughout October and beyond.

Here are ten tips that organizations can leverage during NCSAM to reduce insider threats:

  1. Make it relevant and relatable: Think about your audience and what employees care about. Set your goals for the month and the topics you’ll focus on around what they care about. Also, pay attention to the threats that your company or industry faces the most. Those are great topics to zone in on as well.
  2. Set a theme: People like themes that are easy to remember. You’ll want the lessons of the month to stick in the minds and hearts of users through awareness month and beyond. Security risks don’t disappear after October. Neither should your messaging. CISA recommends the following theme for 2021, which can be customized to further meet the needs of the organization:
    1. Week 1: Be Cyber Smart. Take simple actions to keep our digital lives secure.
    2. Week 2: Fight the Phish! Learn how to spot and report phishing attempts to prevent ransomware and other malware attacks.
    3. Week 3: Explore. Experience. Share. Commemorate the National Initiative for Cybersecurity Education’s (NICE) Cybersecurity Career Awareness Week and the global cybersecurity workforce.
    4. Week 4: Cybersecurity First. Explore how cybersecurity and staying safe online is increasingly important as we continue to operate virtually in both our work and personal lives.
  3. Make it fun: This one is self-explanatory. If you’re going to invest time and resources into NCSAM, you’ll want folks to be highly engaged. No one wants to engage in boring content. Employees should be captivated and inspired to care about cybersecurity throughout the month. For example, people have brought fun and humor into cybersecurity conversations like the discussion of passwords on The Ellen Show or the very concerning video shown on Kimmel Live where unsuspecting users unknowingly leak their own passwords. Pull together fun content that applies to your efforts and incorporate this into your NCSAM strategy. Your employees will be entertained and still learn in the process.
  4. Get leaders involved: Employees love to see leaders involved in these kinds of efforts before engaging. Know that some employees may be unsure of whether it will be “frowned upon” to engage in the NCSAM activities during work hours. It’s important for leaders to show that NCSAM is a priority by being actively and publicly involved in the effort. This applies from the CEO on down.
  5. Partner with other organizations: Partnership goes a long way during NCSAM. Work with other companies in your sector, industry support groups, government agencies, and more to collaborate on content, events, and messaging around NCSAM. This is especially helpful when dealing with a limited budget as costs can be split between groups.
  6. Host events (digital or in-person): Whether working with a local university to have a cybersecurity professor come in and do a demo on common hacks for employees, or having a security leader within the company host a hackathon for employees – events where people can actively participate in cybersecurity-related conversations and activities go a long way. In addition, in the remote era, webinars and virtual events are a great option, especially for geographically dispersed teams.
  7. Share posters: Who doesn’t love visuals? Create posters with key information regarding the themes you’ve outlined for your company. These posters can be physically displayed in high-traffic areas of the office or shared through digital channels such as email, intranet, newsletters, and more.
  8. Share swag: Cybersecurity-related swag such as webcam covers, computer stickers with awareness messages, pens, t-shirts, and more can be given away as freebies or prizes that people can win for engaging in NCSAM.
  9. Tell stories and communicate intentionally: One of the best ways to drive NCSAM lessons and messages home is through stories and frequent communication. Share recaps on ways everyday employees have prevented cyber-attacks by reporting phishing emails, how the cyber team quickly responded to an attack or lessons learned from a real social engineering event. The more real data you can share, the more impactful the month can be. Of course, be careful not to share any confidential information or stories that could be detrimental to the company if shared externally.
  10. Gamify the month and reward engaged employees: Games and prizes offer the ultimate engagement and excitement amongst workgroups. From online quizzes to cybersecurity-themed scavenger hunts, there are plenty of game ideas and prizes that can be planned to get people excited about NCSAM.

When Awareness Fails, User Behavior Analytics and Other Security Controls Come in Handy

NCSAM is a great way to combat insider threats and human-related risks. However, it shouldn’t be the only defense mechanism. Technology also plays a critical role in reducing insider threats.

Companies can also ward off these threats by leveraging intelligent monitoring systems, like Veriato’s Cerebral, with features that include:

  • Remote and in-network monitoring
  • Multi-device compatibility
  • User behavior analytics and insider threat detection
  • Scalable endpoint monitoring
  • Video playback of onscreen activity
  • File download protection
  • Anomaly detection
  • Dark web tracking
  • Real-time user reporting

Insider threats are difficult to intercept. Prevention and early detection are the most effective means to protect against these growing threats.

Conclusion

Promoting cybersecurity awareness in your organization can reduce insider threats. The most effective companies take a multi-pronged approach to awareness, including a robust NCSAM plan that is fun, relevant, rewarding, and more. Doing so can encourage employees to avoid engaging in potentially high-risk internal behavior and, in turn, thwart future cyber-attacks.


About the author

Dr. Christine Izuakor
Dr. Izuakor is the Senior Manager of Global Security Strategy and Awareness at United Airlines where she plays a critical part in embedding cyber security in United’s culture. She is an adjunct professor of cyber security at Robert Morris University, and independently helps corporations solve a diverse range of strategic cybersecurity challenges.
