If you own, run, or work at any sized company–with the threat landscape today, you should be thinking about the company's cyber security strategy. Just a reminder, even if you’re not a giant multinational organization doesn’t mean that hackers aren’t very very interested in your information assets, bank account info, or customer credit card data.
If you have a strategy or even if you haven’t gotten that far yet, we encourage you to make a plan for Cyber Security Awareness Month to get everyone at your company on the same page.
- According to the U.S. National Cyber Security Alliance, 60% of small companies are unable to sustain their business for more than six months following a cyberattack.
- According to the Ponemon Institute, the average cost for small businesses to clean up after being hacked is about $690,000 and, for middle-market companies, it is over $1 million.
National Cyber Security Awareness Month takes place every year in October (and is coordinated across the UK, EU, and USA). If you’re not yet training your employees around cyber skills, good digital habits, and how to stay safe online- October is a great way to start your program.
Use our quick and easy ideas below to put a plan in place to build cyber awareness at your company.
These guys are not cyber-aware!
Make a Plan for Cyber Security Awareness Month
You can use the themes of National Cyber Security Awareness Month to focus your communications or, pick your own Cyber Security Awareness Month themes. This will help you choose learning assets, videos, games, quizzes or other engaging actions to have the most impact on your business.Here are a few to consider…
- Phishing
- Social Engineering
- Malware and Ransomware
- Data Privacy
- Information Protection
- Staying Safe Online
- Safe Email
- Mobile Device Safety
- Working in Public
- Securing your Home
9 Ways to Make Your Cyber Security Awareness Month a Success!
1. Thread in Continual Learning
October is a great way to get started with a Cyber Awareness Program, however, with the number of cyber threats, digital transformation of business, and technological change in our working environments today, it might not be enough to train your teams on all the behaviors that need to change. Continual learning practices show that streams of reinforcement, encouragement, coaching, nudges, and other techniques are the things that move the needle on skills development, knowledge building, and cultural change. Which is what we’re all about. Where could you add in a nudge?
2. Make it an Event!
Host weekly meetings or lunch & learn sessions. Bring in a speaker or watch a webinar as a team. There will be many free learning opportunities this month, if you put the calendar invite out now, you’ll stand a better chance of blocking out time for learning and discussion on your colleagues’ calendars!
Unsure what types of events you should host? Download our event ideas template to gather inspiration to make your cybersecurity awareness month events an enjoyable must attend!
3. Reinforce Visual Information
Can you print out a few posters or find some online to purchase at a reasonable cost? Changing the decor can get some additional attention and reinforce key learning points around recognizing phishing attacks or staying safe on social media. Think about hanging them in key traffic areas, or use more stealthy approaches and hang them where people might least expect to see them!
4. Play A Game
Phish yourself (with the help of someone from IT!) and award prizes for those who recognize the phishing attempt and ‘do the right thing’ (whatever the policy is at your company). Put together short quizzes or surveys with free online survey tools—award badges and prizes, and publicize them widely.
Our entertaining and educational content has something for every business and budget: posters, videos, training modules, infographics, memes, and more. It’s different, attention-getting, and builds awareness.
5. Social Engineer Yourself
Drop a few USB sticks (make sure they are new and clean to use!) in the parking lot with different labels (our favorites all have HR themes like ‘bonus scheme 2024’), put a file on it with learning points around social engineering tactics and the correct use of portable file devices.
Social engineering is still one of the most common security issues that can occur to individuals and businesses. The reason for that is because most social engineering focuses on psychology and the behaviors of people to influence them to take certain actions that benefit the scammer.
6. Make It Personal
Tie in the reasons that people should change digital habits for themselves, not only for the company. Protecting ourselves online includes topics such as identity theft, phishing scams, and social engineering as well. Helping your staff keep themselves and their own families safe is a great benefit to employees and helps them tune into your program.
7. Use Videos (our videos!)
Videos are the way everyone wants to learn these days- not that reading is gone, but to convey lots of information in the shortest time possible, videos are the way to go. There are free training videos to be found on the usual video platforms (of varying quality and effectiveness, true) but if you’re really in a pinch, they can at least help you start the conversation at your company about the importance of cybersecurity in today’s business environment. Follow the themes above and send out links to your team.
8. Make It Fun
Try to make messages around cyber awareness month positive and motivational (rather than scary, dour, and guilt-inducing). People will tune out very quickly to un-interesting, dull, or fear-driven content, so keep it snappy if you want to gain your employee’s attention. We prefer a bit of humor (if you couldn’t tell!) to get the messages across, but you can use whatever approach you think fits best for your organization.
9. Report On Progress
Sending out a report on all the activities you did during your October Cyber Awareness Program showing all the progress made can reinforce learning and the value of the activity.
Follow our Twitter feed for tips, tricks, reminders, and shareable content.
More from the Trenches!
Unlocking Change: Engaging Ways to Boost Security Awareness
While firewalls, passwords, and antivirus software stand as stalwart defenders, there's one crucial element often overlooked in the defense arsenal:...
4 min read
How to Set Up a Cyber Security Awareness Event
The "Know-How" Guide on Setting up an Event during Cyber Security Awareness Month Cyber Security Awareness Month (or NCSAM) is a global event that...
7 min read