October is a big month for cybersecurity globally. In the US, the Department for Homeland Security runs National Cyber Security Awareness Month, while ENISA (The EU Cyber Security Agency) and the European Commission hosts European Cyber Security Month (ECSM). Both initiatives operate as educational and awareness-building campaigns, promoting the importance of cybersecurity to protect personal data. Overall, efforts are targeted towards improving citizens’ and organisations’ behaviour when it comes to cybersecurity.
“Cybersecurity” is a broad topic and threats can take many forms – from phishing, to malware, to corporate espionage. The overall aim of cybersecurity is to prevent unauthorised access or other damage to systems and data – whether that’s stealing log-in credentials or installing a virus that deletes information. Cybersecurity also falls under the wider category of “information security” – which is concerned with protecting all information assets (digital and hard copies) from all threats or risks to their security.
Looking at both the broad topic and the specifics, I wanted to share an overview of the topics we’ll be talking about this October to help raise awareness and improve education about protecting data.
Human layer security
An organisation’s “human layer” is exactly what you’d probably expect it to be: its people. A large focus for National Cyber Security Awareness Month and ECSM is to help people be more secure as individuals in both their personal lives and at work. Our next blog post will take a look at the concept of “human layer security”: the technologies and processes supporting improved data protection as people interact with sensitive information.
Machine learning (that brings real value)
Machine learning has been hailed as security’s “golden child” for some time now – but its real-world application has often been less than satisfactory. This month, we’ll be examining why that’s been the case, what potential machine learning actually has, and the ways it can be applied to bring real value to everyday processes.
Email remains one of the primary ways people communicate both at work and at home – and as a result, one of the primary ways for them to cause data breaches. It’s no exaggeration to say we’ve all either sent an email in error (a “misdirected email”) or received one. For many of us, we’ve experienced both scenarios. When the information contained in a misdirected email or attachments can be harmless and simply requires a quick apology. But where sensitive and personal data is contained in these emails, then just one incorrect recipient can be the cause of a data breach. As part of National Cybersecurity Awareness Month and ECSM, we’ll be looking at how email can be made more secure to improve data protection.
Actually ensuring people use email encryption
Our Chief Product Officer, Sudeep Venkatesh, frequently states that email encryption solutions are only as successful as their adoption rates amongst users. However, ensuring these solutions are actually being used by employees has been a major source of frustration for CISO and other security professionals. In response, we’ll be looking at common pain points in email encryption adoption and what can be done to overcome them.
Ensuring effective cybersecurity
Ongoing education and awareness are critical for effective cybersecurity and data protection. Initiatives like National Cyber Security Awareness Month and ECSM are key to helping people understand the risks and the solutions to existing and emerging threats. I hope you enjoy our posts this October and find them useful!