Cybersecurity Awareness Month Roundup

This October marks the 21st anniversary of Cybersecurity Awareness Month. For most organizations, it is an acknowledgment and re-emphasis of the cyberdefense activities they engage in all year-round. 

It’s been a tumultuous year in cybersecurity, to the surprise of absolutely no one.

Unprecedented healthcare data breaches resulting in multi-million-dollar losses seem to hit the news with concerning regularity. The hospitality industry faces its own unique challenges and is a preferred target for organized criminals and even nation-states for breaching data. According to Hotel Management, nearly 31% of hospitality organizations have reported a data breach and 89% report having been affected by several types of breaches more than once a year. 

But organizations of all sizes and industries can take heart in the knowledge that there have been several positive advancements in cybersecurity. Due to advancements in technology, better awareness and stricter regulations, there is reason to believe that 2025 will see bolstered cyberdefense across all industries, resulting in fewer major breaches.

New rules and regulations in 2024

According to the White House, in 2024 new or updated cybersecurity rules went into effect across several critical infrastructure sectors. Which, as it turns out, covers every sector. Specifically, the federal government increased its position towards cybersecurity, in terms of regulations

The Securities and Exchange Commission (SEC) adopted new rules requiring all public companies to disclose information related and risk management practices. All public companies would cut across every sector, and organizations of all sizes, in all verticals.

For manufacturers and supply chain organizations, the Department of Defense released revisions to its Cybersecurity Maturity Model Certification program to establish new requirements for contractors and subcontractors and expanded access to their voluntary Cybersecurity Program.

The Transportation Security Administration (TSA) issued updated requirements for oil and natural gas pipelines, airport and aircraft operators, and rail carriers. In the maritime sector, an executive order bolstered cybersecurity of Vessels, Harbors, Ports, and Waterfront Facilities of the United States, which impacts import and export across industries.  The U.S. Coast Guard made some news by issuing new regulations to beef up port and maritime cybersecurity. 

For healthcare, an amendment to the Federal Food, Drug, and Cosmetic Act, now requires manufacturers of certain types of medical devices to design, develop, and maintain cybersecure medical devices. to design, develop, and maintain cybersecure medical devices. 

Doubling down on four simple rules from the Federal Government

For this year’s Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) are repeating their advocating of some easily understood actions and steps that all US organizations should undertake:

• Use strong passwords and a password manager
• Turn on multifactor authentication (MFA)
• Recognize and report phishing
• Update your software

That agency states that, "Secure Our World will also be the enduring theme for all future Cybersecurity Awareness Months. This theme recognizes the importance of taking daily action to reduce risks when online and connected to devices.” CISA is currently offering a free  Cybersecurity Awareness Month 2024 Toolkit.

The four steps advocated for by the CISA can go a long way towards preventing data breaches if they are socialized throughout an entire organization. Increasingly, data breaches can be traced back to one simple, single missed step. For example, during a Senate Finance Committee hearing on a large healthcare organizations massive data breach, lawmakers were taken aback when it became clear that a hacker group gained access to a server that didn’t require multi-factor authentication for users, and inserted ransomware. Senator Ron Wyden, remarked, “This hack could have been stopped with cybersecurity 101.”

C-Suite feeling pressure for lack of preparedness

Increasingly, missteps and overlooked processes are starting to rebound on those in charge of organizations. According to the Fortinet 2024 Cybersecurity Skills Gap Global Research Report 51% of respondents worldwide say that directors or executives have faced fines, jail time, loss of position, or loss of employment following a cyberattack. Correspondingly, 72% of respondents say their boards were more focused on cybersecurity than the year before, and 97% of respondents say their board sees cybersecurity as a business priority.

Malware, phishing, password attacks and ransomware (in that order) were the most common sort of attacks in North America, according to the Fortinet report. 58% of respondents said that a lack of properly trained IT/security staff are the prime causes of breaches. With Gartner estimating that more than 95% of new digital workloads will be deployed on cloud-native platforms by 2025, security of cloud-based applications and processes have been an area of concern as well.

How Spectrum Enterprise can help

Today’s IT teams are faced with challenges unlike any they have faced before. They need to support a distributed workforce at scale by granting proper access to the cloud-based applications and programs employees need to do their jobs effectively — all while keeping their data secure. 

Our newest offering, Secure Dedicated Fiber Internet combines dedicated fiber and advanced security, backed by a 100% uptime SLA guarantee, for fast, reliable connectivity. This networking solution delivers built-in threat protection, professional installation, continuous maintenance, and 24/7/365 US-based support, ensuring your business stays connected and protected effortlessly.

Our Secure Access with Cisco Duo and Cloud Security with Cisco+ Secure Connect offerings are designed to help clients provide their employees with safe and secure access to information and applications on private networks or public clouds, while integrating seamlessly with managed network offerings. 

Learn more about our cybersecurity offerings and see for yourself why 83% of Fortune 500 rely on Spectrum Enterprise for technology solutions.