October 1 marked the beginning of the annual National Cyber Security Awareness Month (NCSAM) in the United States. NCSAM is a collaborative effort designed to ensure that every American has the resources they need to use the Internet safely.
Internet security is a big subject, so NCSAM is broken down into five parts to make it more manageable. This week we are looking at the second topic in the series, Creating a culture of cyber security in the workplace.
All organizations – from large and small businesses to healthcare providers, academic institutions, government agencies and civil society – can experience data breaches or be targets of cybercrime, which can result in stolen intellectual property, theft of personal information or – if our critical infrastructure is attacked – a disruption to our way of life.
At this point in the digital age, maintaining safe and secure access to connected resources is critical. However, as Mike mentioned last week, many people are just tired of all of the security talk. “IT security fatigue,” as it's known, is what happens when people just get tired of security procedures and processes. Security fatigue becomes an issue (pdf) when security is perceived to be an obstacle that interferes with productivity, or when the stress of maintaining a high level of security vigilance becomes overwhelming. System Administrators often use a tool known as the ‘Security vs Usability Triangle' to illustrate the effects of different factors on the technology infrastructure:
In Mike's post, he discusses some solutions to issues that may contribute to security fatigue. The NCSAM campaign takes it a bit further, encouraging us to create a culture of cyber security through all levels of the workplace. Here are some of the resources they've made available to help with this:
Twitter Chat: Join @STOPTHNKCONNECT's Twitter chat on Thursday, Oct. 13, at 3 p.m. EDT/noon PDT to discuss creating a culture of cybersecurity at work. Use #ChatSTC to join.
Mid-South Cyber Security Summit: The National Cyber Security Alliance is partnering with the FedEx Institute of Technology Cluster for the Advancement of Cybersecurity and Testing (CAST) and the Center for Information Assurance to host the Mid-South Cyber Security Summit on Friday, Oct. 14, in Memphis, TN. Register here, and livestream the event here.
Protect Your Workplace brochure: This pdf includes tips on physical and cyber security guidance, and contact information you'll need if you are a victim.
Barracuda supports the goals of NCSAM, and we'll have more on this topic throughout the month. Follow us on Twitter @barracuda for the latest news on information security, and keep an eye on this blog for more posts on NCSAM. (RSS feed here)
If you are needing some assistance getting your head around security concepts at your office, here's a video from our team that explains threat vectors and attack surfaces. It also highlights our approach to securing the threat vectors the easiest way possible.