Ir para o conteúdo principal

Cybersecurity Awareness Month 2023

Celebrating 20 years of cybersecurity education and awareness to empower users in the digital age

Working together to make the digital world more secure

Cybersecurity Awareness Month is here to empower, educate, and inspire action. As we mark the 20th year of this event in October 2023, we take this opportunity to assess the progress of cybersecurity education and awareness and determine the next steps required to achieve our goal of a security-rich, interconnected cyberspace. This year, the focus will be on four key behaviors:

 

 

In today’s ever-advancing technology world, we face increasing opportunities to create and maintain accounts on websites and mobile apps. Each account requires a password to access and protect the data. Poor password hygiene puts those accounts and our data at risk.

  • Start with using a password manager and destroy all instances of passwords written down on paper or stored in unencrypted computer files.
  • If you already use a password manager, be sure to maintain a strong master password and ensure each of your account passwords is unique.
  • Share best practices related to passwords and multi-factor authentication (MFA) with family and friends.

 

Multi-factor authentication (MFA) is a security measure that allows authorized users to verify their identity using a combination of information and a password. MFA includes several types, such as smart cards, push notifications, code generation on smartphone apps, and biometric verification, such as face recognition. Using MFA along with strong passwords can reduce the chances of unauthorized access to online accounts.

  • Use MFA wherever possible, including at work and for your personal internet accounts, especially financial accounts.
  • Share the importance of the use of strong passwords and the added protection of multi-factor authentication with family and friends, in particular those who are new to computing and the internet.

NOTE: MFA codes sent as SMS messages to phones are falling out of popularity due to SIM swap attacks. Try using non-SMS MFA authentication methods.

 

Cybercriminals often use various techniques to gain unauthorized access to computer systems and obtain sensitive credentials. One of the most common methods involves impersonating trusted entities through electronic communication channels and using social engineering tactics to extract information or access from unsuspecting individuals. Phishing, Smishing (SMS phishing), and Vishing (voice phishing) are some of the most prevalent types of attacks, which are becoming increasingly sophisticated.

  • Understand the prevalence of phishing, smishing, and vishing attacks and their ever-increasing sophistication.
  • Be vigilant and carefully review all emails, texts, and phone calls or voicemail messages you receive before taking any action (including opening attachments, clicking links, calling phone numbers, and providing personal, confidential information).
  • If you receive an email, text, or phone call or message from a company, such as a financial institution, especially if they are seeking urgent action, contact them directly using the contact information you obtain versus responding to the email, text, or call.
  • If your employer or personal email provider have implemented ‘Report Phishing’ functionality, be sure to report all suspicious email. Your input can help improve phishing detection mechanisms.

 

Updating software provides functionality bug fixes and enhancements and helps keep computer systems and data secure. Cybercriminals can exploit vulnerabilities in software and gain unauthorized access to computer systems. A single vulnerability in a system could allow cybercriminals to access an entire business or home network and the computer systems and data it hosts. 

  • Understand the requirement of updating software in your business or home.
  • Choose the best monitoring methods for notification and performing software updates.
  • Enable automatic software updating where it is acceptable. In some instances, test software updates before installing.
  • Share the importance of software updating and best practices with family and friends.
Here's what our leaders have to say

"When an adverse event happens, most times teams aren't on the same page. Cybersecurity Awareness month is a great time to take a step back and make sure that the whole organization is rowing in the same direction".

Kris Lovejoy
Global Practice Leader
Security and Resiliency

"Providing flexible, cost-effective, and secure connectivity at scale is key for enterprises to modernize their networks".



Paul Savill
Global Practice Leader
Network and Edge

"Kyndryl’s recent Mainframe Modernization Survey showed cyber security is the top consideration for 49% of survey respondents and one of the most crucial elements for the success of a mainframe modernization project".

Petra Goude
Global Practice Leader
Core Enterprise & zCloud

"Security is the key to empowerment in the digital age".




Ivan Dopplé
Global Practice Leader
Digital Workplace Services

"The fundamental step to operating securely in the cloud is to understand that security is a shared responsibility".



Harish Grama
Global Cloud Practice
Offering Integration Leader

“Modern applications demand agility and innovation. With DevSecOps, enterprises can not only embrace these ideals but also embed security by design, ensuring the future is both groundbreaking and guarded"

Nicholas Sekkaki
Global Practice Leader
Applications, Data and AI