I’m not sure if anyone has told you yet, but October is National Cybersecurity Awareness Month. While it’s great to have a month with more mainstream exposure and broader discussion of the issue, cybersecurity is not something companies or individuals can afford to pay attention to just one month a year. As a company that focuses on cybersecurity and helping customers protect their networks and data all year, we understand that the goal of cybersecurity is actually peace of mind—and that every month is cybersecurity awareness month.
You Can’t “Cram” Cybersecurity
When I served in the US Air Force, we had to do an annual physical fitness test that included a 1.5 mile run in 15 minutes or less. Note, the fitness test has probably changed since I got out of the Air Force, and the time might be give or take a minute because I don’t recall the exact requirement. The relevant point is that the goal of the annual fitness test was—as you might expect from the name—to ensure those of us serving in the armed forces were reasonably fit and prepared for duty. However, most people were, in fact, not very fit and just pushed themselves to complete the mile and a half run in the allotted time. The result was a bunch of people with pulled hamstrings, sprained ankles, and various respiratory issues who technically passed the fitness test but weren’t really fit.
Fitness is one of those things you can’t squeeze in at the last minute. It requires regular, consistent effort to achieve and maintain fitness. There are other things that fall into this category as well. Jim Rohn, one of my favorite speakers, used to talk about the popular phrase, “An apple a day keeps the doctor away,” and stress that it doesn’t work if you skip 5 days and just eat 6 apples on the sixth day.
Cybersecurity is the same way. It requires consistent, ongoing effort. It is not something you can cram in during National Cybersecurity Awareness Month and then just forget for the rest of the year.
Applying Cybersecurity Month Lessons Every Month
There’s nothing wrong with focusing more attention on cybersecurity during National Cybersecurity Awareness Month, as long as we also stress the importance of staying vigilant all year. Yes, of course you should use strong passwords, and two factor or multifactor authentication, and keep all of your systems and applications patched and updated, and regularly backup your critical data, and monitor your network for malicious activity. Yes, it’s a good time to remind people not to open email attachments or click on unknown or suspicious links.
Those are all great messages. For businesses that are not in the cybersecurity industry, though, it may seem overwhelming. Small and medium businesses in particular often lack the resources or budget necessary and don’t have the knowledge or skills required to choose the right tools and processes, never mind deploying, configuring, and monitoring them and responding to security incidents. Ultimately, effective cybersecurity isn’t just about strong passwords and patch management—it’s about peace of mind and being able to sleep soundly at night.
Achieving Cybersecurity Peace of Mind
Here’s the thing: When we pushed ourselves to run the 1.5-mile fitness run within the allotted time and pass the annual fitness test, we weren’t fooling anybody—least of all ourselves. We knew we just checked a box and that we weren’t really fit.
That’s how National Cybersecurity Awareness Month often feels as well. It feels good to raise awareness and increase the focus on cybersecurity for a few weeks. When November rolls around, though, we still have to deal with the reality that there is much more than can—and should—be done to achieve and maintain effective cybersecurity the rest of the year.
Instead of trying to cram cybersecurity into the month of October because it happens to be National Cybersecurity Awareness Month, use the opportunity to look at the broader issue of cybersecurity and how to manage it all year. Examine your strengths and weaknesses from a cybersecurity perspective and weigh your options for achieving peace of mind. You can buy and deploy the tools and manage it all yourself, but it can be a daunting, complex, and costly exercise. As an alternative, you should also consider the cost and security benefits of working with a managed security services provider.
Happy National Cybersecurity Awareness Month. Now, go eat that apple and change your passwords.