As everyone in this industry knows, it seems like there is a new high-profile cybersecurity breach every week. Even those outside the industry can cite recent examples like Colonial Pipeline or Kaseya, which made headlines around the world. The rapid rise in ransomware attacks, and their growing impact on the stability of our country’s infrastructure, has put cybersecurity in the national spotlight, making it a priority for the Biden administration, but these types of attacks are by no means a new phenomenon.
In fact, the launch of October as Cybersecurity Awareness Month in 2004 by the National Cyber Security Alliance and the U.S. Department of Homeland Security coincides with Titan Rain, the Chinese attack that compromised a number of U.S. government networks.
Fast forward to 2021, in our current digital-first world, security awareness is more important than ever and remains a crucial area of focus for the RH-ISAC community. The Security Awareness Working Group is one of RH-ISAC’s most active groups. This year, we’re celebrating Cybersecurity Awareness Month with a symposium that has something for both cybersecurity professionals and non-technical staff.
RH-ISAC’s Security Awareness Symposium, taking place online on October 26, 2021, is a new event designed to provide security awareness training to all business units of companies, including both member and non-member retail, hospitality, and travel organizations. The event features easy-to-digest lectures on topics such as phishing scams and safe remote work, plus a hands-on CyberEscape exercise, hosted by Living Security, that allows teams to understand the role they play in keeping their organization safe from a cyber attack. The event has something for security professionals too, with an eCommerce cyber range exercise hosted by Security Innovation, and a keynote panel discussion with leaders from the industry on supply chain vendors and third-party technology.
This event is a result of numerous discussions this year among working group members on what they are doing at their organizations to improve their security awareness programs. Presentations on successful phishing programs and how to collaborate internally with leadership to develop them revealed that many organizations just don’t have the bandwidth to develop the type of training they know they need.
Risky employee behavior, such as insecure passwords or falling for a clever socially engineered phishing scam, are some of the most common ways hackers gain access to a system, so putting an effective awareness program in place is one of the most important defenses we have. The Security Awareness Symposium aims to fill that gap for businesses interested in educating their employees but lack the resources to do so.
We encourage everyone this Cybersecurity Awareness Month to sign up for the Security Awareness Symposium! And if you’re an RH-ISAC member, get involved with the working group, which provides resources throughout the year to improve your security awareness program! Reach out to firstname.lastname@example.org for more information.