Cyber Awareness: The More You Know, The Safer You Are.

Forewarned is forearmed could have been coined for cyber awareness. Knowing the potential cyber threats and risks they face is the number one way for people to recognize them when they happen and avoid them whenever possible. A proactive approach to cyber awareness that includes strong passwords, system updates, and a healthy dose of skepticism helps build a robust defense against multiple cyber adversaries.

Unfortunately, many people aren’t aware of what cyber threats are or that they’re even at risk, making them more vulnerable to attack. Because cyber awareness is essential for online safety, learning about these lurking dangers and how to protect oneself is critical and can make a significant difference in keeping sensitive information secure.

October is Cyber Security Awareness Month, a great time to create, or re-evaluate, your cyber threat response plan that leaves nothing to chance and makes cyber security the norm.

Understanding Cyber Threats

It’s said that fortune favors the bold. Maybe so, but when it comes to cybersecurity, we say it favors the prepared. The first step in being prepared is understanding today’s cyber threats so you can protect your piece of cyberspace real estate.

With cyber threats increasing in number and effectiveness, cyber awareness is now front and center in staying safe online. Threats every individual should be aware of include:

• Email risks. Email is an essential business tool, but it’s also the entry point for various cybercrimes like phishing, ransomware, and malware. In fact, nearly 95% of dangerous ransomware enters an organization through email. Training helps people become mindful of unsafe links and attachments.
• Phishing. Social engineering attackers leverage their knowledge of how humans think and work to exploit behaviors and emotions, influencing people to take desired actions such as revealing sensitive information or granting system access.
• Ransomware. Ransomware attacks are on the rise, with the highest number occurring in the US. Ransomware groups like CLOP are triggering a significant shift in strategies, using zero-day exploitation techniques to contaminate organizational operating systems.
• Malware. The second largest threat facing small businesses, malware uses trojans and viruses to gain access to networks and steal and destroy data. It typically comes from malicious website downloads, spam emails, or connecting to other infected devices.

Insider threats are another risk to be aware of. Employees, former employees, and business associates or contractors access critical organizational data and then intentionally or unintentionally compromise data security by allowing it to get into the hands of cybercriminals who use it for everything from intellectual property theft to sabotage and ransom demands.

Developing a Cyber Awareness Mindset

While cyber awareness doesn’t solve cybercrimes, it is vital to mitigating cyber risks. Most organizations now provide some level of cyber awareness training. Still, there’s always room for improvement, particularly since cybercriminals continue to find new ways to exploit people and system vulnerabilities.

Developing a cyber awareness strategy can be challenging and time-consuming, especially considering how often it needs to be updated to reflect new threats. However, the effort is well worth it when measured against the potential losses from a cyberattack.

Along with educating and training employees about cyber threats and what to do in the event of an incident, a good cyber awareness program also encourages a culture where team members feel a sense of proactive responsibility for keeping the organization’s assets secure. Organizations should also adopt a Zero Trust model where access permissions are strictly enforced through robust identity verification, limited access, and micro-segmentation of network traffic.

Cybersecurity Month and Beyond

While writing this post, new threats were revealed that underscore just how critical it is for organizations to prioritize cybersecurity throughout the year. On October 20, 2023, San Francisco-based Okta Security, an identity and access management company, reported that a hacker succeeded in capturing the credentials of an unknown number of organizations using the company’s identity management system.

How they did it seems remarkable for a company that specializes in user authentication solutions. The hacker simply accessed the “HAR” or HTTP Archive format files uploaded to Okta support on request for troubleshooting browser problems and then used stolen credentials to access Okta’s support case management system. Once inside, the cybercriminal viewed files uploaded by some Okta customers. A silver lining to the breach is that the support case management system is separate from the production and Auth0/CIC case management systems, which were not impacted by the incident.

On October 21, 2023, insurance giant American Family Insurance confirmed a cyberattack that began the previous weekend, causing the company to shut down portions of its IT systems, including phone services, building connectivity, and online services. The company, which employs 13,000 people and reports annual revenue of over $14 billion, says it hasn’t (to date) detected any compromises to critical business, storage systems, or customer data processing. However, the system outages have impacted customers, agents, and employees, a situation that could lead to lost business and reputational damage. While it’s still unclear what type of breach occurred, it has the hallmarks of a ransomware attack, many of which occur over a weekend when fewer employees are monitoring the network to notice suspicious activity.

Another attack reported on October 21 claims a threat actor is selling access (or what they claim is access) to Facebook’s (Meta) and Instagram’s Police Portal used by law enforcement officers to request data about users under investigation. Some experts are skeptical about the claim, saying the $700 fee the hacker is charging is too low for such valuable access.

Real or unconfirmed, attacks like these highlight how essential it is for individuals, organizations, and other stakeholders to remain vigilant about suspicious activity. Training that includes real-life examples is being used to educate employees on what to look for.

For instance, cybercriminals are notorious for impersonating popular brands to trick users. A recent (and to date possibly ongoing) campaign involves a highly-deceiving Google ad for KeePass, an open-source password manager. When users perform a Google search for “keepass” and click on an authentic-looking link, they’re redirected via a cloaking service to a decoy site. When they go to download KeePass, they retrieve a malicious .msix installer that, when extracted, can result in data theft, unauthorized access to sensitive information, or full control of the infected device.

Let’s look at how employee training can help mitigate threats and improve organizational cybersecurity.

Implementing Organizational Cybersecurity

A holistic approach to cyber awareness includes knowing the latest security trends, cybersecurity best practices, and the dangers of clicking on malicious links. To be effective, it must be an organization-wide initiative that paves the way to a more resilient infrastructure.

Security awareness training uses various tools and techniques to inform and equip team members to recognize threats, report them, and avoid them whenever possible. Routine instructional sessions help people understand:

• The daily cyber risks your organization faces
• How those risks constantly evolve to exploit technical vulnerabilities and human emotions and behaviors
• The impact they might have on your business
• The roles and responsibilities of employees in digital safety and security

At the end of the day, it won’t matter how much you invest in advanced cybersecurity tools if end users can’t recognize suspicious links or fraudulent emails, the most prevalent source of cyberattacks.

These cyber security awareness tips will help transform employees from unwitting accomplices to frontline defenders in the cybercrime battle.

Information security

Everyone should be responsible for protecting your organization’s digital resources. Cyber awareness training should emphasize data security and teach users how to safely handle, share, store, and dispose of sensitive data. Incident reporting training must also be conducted so issues can be dealt with swiftly.

Remote work protocols

Remote and hybrid work models pose more significant challenges, as they require securing data at home, in the office, or wherever the user might be. Risks can be significantly reduced with the proper knowledge tools, including not connecting to unsecured public Wi-Fi networks and the importance of VPNs.

Physical security

“Shoulder surfers” are a particular risk when people use company-provided laptops and mobile devices, especially in public places. People should be trained to lock devices when unattended, be aware of who is around them, and securely store confidential materials.

• Removable media security. USB drives, portable hard drives, SD cards, and smartphones are convenient tools for copying, storing, and transferring data. However, with convenience comes risks like data exposure, malware infection, data loss, and theft. Organizations should have a removable media policy that includes repercussions if not followed.
• Password security. The FTC’s Consumer Sentinel Network reports that over 5.4 million cybercrime reports were filed by consumers in 2022, a quarter of which resulted in a loss due to identity theft and imposter scams. There’s no overstating the importance of strong passwords in protecting data and networks. Cyber awareness training should include password management, best practices, and multi-factor authentication.

Incident response

Security incidents are inevitable, but they don’t need to be catastrophic. Incident response plans and teams are a good start; however, team members must also understand their role and the steps to take if a security incident occurs. They should know who to contact and how to communicate effectively during a cyber attack and be trained in risk mitigation so they avoid actions that could worsen the situation.

Well-trained employees also enable quicker incident recovery, learn from past incidents, and become more vigilant and security-aware in their daily online activities.

Cybersecurity courses

The scope of cybersecurity initiatives varies depending on an organization’s size and number of employees, but these courses should be included in every training in cyber awareness.

• Email security. The #1 entry point for cybercriminals, malicious email tactics include phishing, malware, ransomware, and business email compromise (BEC), where attackers impersonate high-ranking executives, pretend to be a trusted vendor, or claim to be someone with the organization’s supply chain. Email security training protects individuals and companies from attacks and helps employees learn to recognize unsafe links and attachments.
• Phishing and social engineering. Humans are a primary gateway for cybercriminals. So-called social engineering attackers understand how people think and work and leverage this knowledge to exploit their emotions and behaviors. The attacks are targeted, convincing, and, unfortunately, highly successful. With the right training, employees can quickly spot warning signs, learn to trust their instincts, and reduce the likelihood of their falling victim to one of these scams.
• Ransomware and malware. A by-product of phishing emails, malware and ransomware infiltrate, damage, and disable computers or networks, holding them hostage until a ransom is paid. Awareness training and cautious email practices can defend against these common threats. 
• Browser security. Web browsers are a primary connection between users and the online world, so it’s no surprise they’re also a popular target for cybercriminals looking to penetrate an organization’s systems. Aside from standard phishing and malware risks, organizations must guard against cookie and session hijacking, scam websites, and unsafe browsing habits. Training should emphasize that even Google, which claims to vet its advertisers, can fall victim to malicious ads. So, too, can other search engines like Firefox and Edge. Employees should be taught to scrutinize links and URLs for added characters indicating a fake link. In the KeePass ad mentioned earlier, the malicious character is a tiny comma below the “k,” which many users confuse with a speck of dirt on their screen. When they try to flick it off, they’re taken to the malicious site. Instruction should also be given in recognizing legitimate URLs by checking for HTTPS, verifying the domain, and looking for misspellings or unusual characters. As with social media impersonators, many cybercriminals use the original brand name followed by a series of numbers. 
• Information security. A company’s organizational information is its most prized digital asset. Protecting its integrity, confidentiality, and availability is everyone’s duty, from the C-suite to the customer service desk. Training should emphasize how data security is critical, with employees trained in how to handle, share, store, and dispose of sensitive information safely. They should also be briefed on legal and regulatory requirements and the fines and penalties that could be imposed for data misuse.

While it’s doubtful that all cybercrimes can be avoided—even with the most sophisticated tools in place—it’s still far too easy for attackers to achieve their objectives. This reality means organizations must do more to fortify their defenses and cultivate a culture of cyber awareness.

Tools for Enhancing Cybersecurity

Well-trained employees can be key in significantly reducing cybersecurity threats and incidents, helping to prevent data breaches that put your organization at risk. To achieve maximum protection, companies must also invest in cybersecurity tools and talent to ensure data security.

Leveraging advanced technologies like artificial intelligence (AI) and machine learning (ML) is transforming how organizations protect themselves against cyber threats. Integrating these and other technologies as part of your overall cybersecurity program enhances predictive capabilities and improves detection and response to threats in real time.

Enterprises are now using these tools for:

• Predictive analytics, analyzing historical data to identify patterns and predict potential future threats. This proactive approach gives companies a better chance at preventing attacks before they occur
• Automated threat detection that identifies unusual activity or anomalies in the organization’s network that might foretell a cyberattack
• Behavioral analysis that identifies suspicious actions outside a user’s norm. For instance, if a user unexpectedly accesses a sensitive part of the system, the tool can flag it for review
• Phishing detection that analyzes emails and websites to identify potential threats more effectively and protect users from deceptive content
• Natural language processing (NLP) to analyze emails and text messages for malicious content or intent, helping prevent social engineering attacks
• Securing endpoints like computers and mobile devices by continually monitoring them for malicious activities and vulnerabilities
• Automating repetitive security tasks, freeing human resources for more strategic cybersecurity activities
• Intelligent threat hunting, actively seeking out signs of compromise or vulnerability with their networks
• Enhancing incident response by automating actions like blocking malicious IPs, isolating affected systems, and facilitating more effective and timely threat responses
• Customized continuous learning that improves threat detection and defense mechanisms

Organizations that integrate these advanced technologies into their cybersecurity strategies are achieving more comprehensive, adaptive, and proactive defenses against evolving cyber threats. They’re also gaining a technological advantage, staying one step ahead of attackers in securing organizational data assets.

As cyber attacks continue their upward trend, cyber awareness must be a top priority for organizations. When developing a cybersecurity strategy, focus on tools and techniques that help people understand, recognize, and avoid cyber threats. They should thoroughly understand the daily risks your organization faces and the impact they might have.

Bolstering your resilience with Veritas gives you the strong foundation needed to protect, detect, and recover from cyber attacks, safeguarding your valuable data and ensuring uninterrupted operations in an increasingly hostile digital landscape.

Learn more about how Veritas is committed to safeguarding your data at our Veritas Trust Center.

Get in touch with us today to secure your company’s long-term future with reliable data backup solutions. 

Veritas customers include 95% of the Fortune 100, and NetBackup™ is the #1 choice for enterprises looking to protect large amounts of data.

Learn how Veritas keeps your data fully protected across virtual, physical, cloud and legacy workloads with Data Protection Services for Enterprise Businesses.