For the past 17 years, the Cybersecurity & Infrastructure Security Agency and the National Cybersecurity Alliance have led a month-long national focus on cybersecurity best practices. In coordination with a number of organizations around the country, each October features events and campaigns to help educate businesses and individuals on avoiding dangers lurking online. As with everything else, the activities for the 2020 Cybersecurity Awareness Month will look a bit different. But perhaps it is fitting that most of it will be taking place online. It's a great opportunity to practice what you preach when hosting virtual events and resources.
The theme for 2020 is "Do Your Part. #BeCyberSmart," encouraging individuals and organizations to look at their own role in protecting cyberspace and providing proactive steps to enhance cybersecurity. A big part of this is the idea of "if you connect it, protect it." Resources and speakers will focus on securing devices at home and at work, securing Internet-connected healthcare devices, and looking ahead to the future of connected devices.
In government, doing "your part" means making a transition to a zero trust security environment where access controls are maintained around data and systems even after someone has shown the proper credentials to get into the network. The name "zero trust" implies a difficult hurdle that has to be overcome to earn the trust, but that is not the case. A different way of looking at it is "context-based trust" or "variable trust" meaning that devices with network access will receive immediate entry. Other devices that are unknown to the network will be subject to additional checks and balances. Key to this is establishing what is perceived as normal behavior on the network and by users. As activity deviates from that norm, systems and data can be locked up until legitimate access is verified.
Below is a list of some of the events happening in October so you can Do Your Part. #BeCyberSmart! on cybersecurity tools, techniques, and trends.
- CISA Region VII National Cybersecurity Awareness Month Kick Off (October 1, 2020; virtual) - This town hall format will feature CISA cybersecurity subject-matter experts discussing NCSAM and the importance it has for critical infrastructure. Speakers include David Kuennen and James Tipton, IT Cybersecurity Specialists, Election Security Initiative, National Risk Management Center; Benjamin Scribner, NCSAM Campaign Lead, CISA; and Geoff Jenista, Cybersecurity Advisor, CISA Region VII.
- AFFIRM / USCC 7th Annual Cybersecurity Summit (October 8, 2020; virtual) - This in-depth, half-day session will gather an all-star line-up of chief information officers, chief information security officers, and other thought leaders from government and industry who will explore growing threats as well as innovative approaches to attract and retain the best cyber talent.
- ICIT Fall Briefing: A Secure Roadmap for the Future (October 14-15, 2020; virtual) - Roll up your sleeves and connect with top cybersecurity experts for this virtual hands-on collaboration project. At this virtual seminar, attendees will engage in dynamic opportunities to share with your peers and learn from national leaders how you navigate the now, how we plan for the future, and how to lead your organization through the next decade. Walk away with a framework that you can implement immediately and learn how to crowdsource solutions for your next crisis.
- Combating Insider Threats and APTs with Cyber Deception (October 15, 2020; virtual) - It is virtually impossible to keep persistent attackers out of the Department of Defense's (DoD) networks. Once within critical networks, these attackers will attempt to move laterally to identify DoD resources for theft and possible destruction. Advanced Cyber Deception gets us into the realm of ProactiveDefensive Cyber Operations. Find out how deception technology can help the DoD get the edge over malicious nation-state attackers.
- CyberTalks 2020 (October 19-23, 2020; virtual) - Join this weeklong series of talks featuring CISOs and top cyber leaders from tech, government, academia, healthcare and finance. Daily lightning talks, keynotes and fireside chats will explore how the security leadership community is revolutionizing the way we protect against and overcome all the threats facing our nation.
- The Evolution of Ransomware for Government Agencies (November 11, 2020; virtual) - Financially motivated transnational criminal groups have found ransomware to be a powerful tool for profit generation. The targeting of U.S. state and municipal governments, healthcare institutions, critical infrastructure providers, and our nation's universities coupled with the rise of big game hunting, ransomware as a service, and increased collaboration between adversarial state intelligence services and criminal groups increases the salience of this issue. Learn more about how ransomware attacks happen and how to protect and respond to them.
Let us know what other cyber events you'll be tuning in to in October and check out more events on our site.