Blog >

October is Cyber Awareness Month: 4 Keys to a Strong Defence

Did you know 2023 marks the 20th annual Cybersecurity Awareness Month this October?

This event serves to increase awareness of the ways you can safeguard data.
As technology continues to advance, so does the need for increased awareness and proactive measures to safeguard sensitive information.

Cybersecurity can seem like an insurmountable task, however, it’s worth remembering it’s not only a job for the IT team. Everyone has a part to play in keeping their organisation’s data safe, not to mention their own data.

Following the basics can make a real difference to the security of your network.

Cybersecurity Awareness Month (CAM) explained. Every October, the world comes together to celebrate Cybersecurity Awareness Month (CAM). CAM is a yearly initiative that’s all about spreading knowledge and awareness regarding cybersecurity. Its primary goal is to equip individuals and organisations with the necessary tools and information to defend themselves against cyber threats.

Origins and Global Reach Originally, CAM started as a U.S. initiative known as National Cybersecurity Awareness Month. However, its importance quickly grew worldwide, leading to its adoption by countries and organisations across the globe. CAM’s leadership is entrusted to two key agencies: the National Cyber Security Alliance (NCSA) and the Cybersecurity and Infrastructure Security Agency (CISA).

Collaborative Efforts CAM is a joint endeavour that brings together a diverse group of stakeholders. This includes government agencies, industry leaders, and cybersecurity experts. Their collective aim is to shed light on cyber risks and promote best practices in the digital realm.
Cybersecurity Awareness Month is like a worldwide crash course in protecting yourself and your organisation from cyber threats. It serves as a reminder that in today’s interconnected world, cybersecurity isn’t just a concern for IT professionals—it’s everyone’s responsibility. So, whether you’re an individual looking to safeguard your online presence or an organisation seeking to enhance its cybersecurity posture, CAM offers a wealth of resources and guidance to help you stay safe in the digital age.

This Year’s Theme In its 20th year, CAM is reflecting on the progress made in cybersecurity and the distance it still needs to cover. At its core, CAM is keen to emphasise the importance of cyber hygiene practices.
Just like maintaining good hygiene to safeguard our physical health, such as daily tooth brushing, we similarly need to prioritise cyber hygiene to protect our digital well-being. Cybersecurity too requires ongoing good hygiene practices to secure the online environment. Four practices, in particular, form the foundation of a strong cybersecurity defence for individuals and organisations.

Essential Cyber Hygiene: 4 Keys to a Strong Defence


1. Enabling Multi-Factor Authentication (MFA)

Implementing Multi-Factor Authentication (MFA) adds a vital layer of security to all logins. A hacker usually can’t breach an account protected by MFA. This is the case even if the cyber-criminal has the password.
According to Microsoft, MFA can block 99.9% of attempted account compromise attacks. With that strong track record, everyone really should be using it. And using it on every login they have.


2. Strong Passwords and using a Password Manager

Passwords remain a critical aspect of securing online accounts. Despite the increased use of biometrics, passwords still rule. Encourage your team members to use strong, unique passwords for each account. Avoid easily guessable information like birthdays or names.

Companies can help by setting strong password enforcement rules. This requires a strong password before it’s accepted in a system. For example, you may set up a policy that requires a password to have:

• At least 12 characters
• At least 1 upper case letter
• At least 1 lower case letter
• At least 1 number
• At least 1 symbol

3. Updating Software

Outdated software creates vulnerabilities that cybercriminals can exploit. Regularly update operating systems, applications, and firmware. This ensures the latest security patches are in place.
Automating updates is an effective way to ensure they’re done promptly. Companies can use endpoint device managers to handle updates across all employee devices. Managers like Intune simplify the process and enhance endpoint security.



4. Recognising and Reporting Phishing

Phishing attacks are a common vector for cyber threats. Train your team to identify phishing emails, suspicious links, and unsolicited attachments. Encourage them to verify the sender’s email address. As well as never provide sensitive information unless certain of the recipient’s authenticity.

It’s also important to educate employees about phishing beyond email. Phishing via text messages has been increasing significantly. Some criminals phish via direct messages on social media platforms.

Another important aspect of phishing awareness is to report phishing. If it’s reported, then other employees know to avoid that phishing trap. The organisation’s IT team also needs to know so they can take action to mitigate the threat. Be sure to let employees know how they can report a phishing email when they suspect one.


The following advice is shared on the UK government website:
“Report internet scams and phishing
Report misleading websites, emails, phone numbers, phone calls or text messages you think may be suspicious.
Do not give out private information (such as bank details or passwords), reply to text messages, download attachments or click on any links in emails if you’re not sure they’re genuine.
Forward suspicious emails to
The National Cyber Security Centre (NCSC) will investigate it.”



How to Put the Best Cyber Hygiene Practices in Place

Cybersecurity Awareness Month provides a valuable chance to re-emphasise the importance of cybersecurity and prioritise fundamental cyber hygiene practices. Establishing a culture of cybersecurity awareness among your team is crucial and can be the determining factor between vulnerability and resilience.

Our Managed IT Service is designed specifically to meet the needs of SMEs in the North West, allowing them to focus on what they do best. So, if you need some help ensuring a more secure and resilient future, our team of experts can get you going on the basics. Once those are in place, your organisation will be more secure and productive.
Give us a call today to schedule a chat.

More from our blog