Top executives with private sector cybersecurity technology providers are echoing one of the broader themes of October’s 20th annual Cybersecurity Awareness Month: spurring the entire IT ecosystem – from the biggest providers to all levels of consumers – to make the basics of cyber hygiene routine behavior.
The Cybersecurity and Infrastructure Security Agency (CISA) kicked off the annual Cybersecurity Awareness Month late last month with its “Secure Our World” public service announcement.
“We aim to equip digital citizens with the basic tools that are needed to keep ourselves safe and secure online,” said CISA Director Jen Easterly, who unveiled the PSA. “We want to make keeping information safe, just like buckling the seatbelt, brushing the teeth. Cyber hygiene is easy as a regular hygiene every day.”
The CISA director doubled down on the importance of the government and private sector embracing four recommendations to keep them digitally safe: use strong passwords for sensitive accounts; enable multifactor authentication; recognize phishing and report phishing attempts; and update software regularly.
Cybersecurity officials from General Dynamics Information Technology (GDIT), Pure Storage, Illumio, and Hitachi Vantara Federal emphasized the importance of those goals in comments to MeriTalk, and pointed the way for government agencies to put strategies in place to better accomplish them.
“As technology continues to advance, cyberattacks are also getting more sophisticated,” said Gary Barlet, Federal Chief Technology Officer at Illumio. “Federal agencies are in constant discussions on how to best protect government systems from these attacks. Since every agency and organization is different, there’s no one-size-fits-all solution.”
“However, one thing is clear: despite all the new tools, the best way agencies can protect themselves starts with the basics and building cyber resilience,” Barlet said.
Recounting CISA’s top four recommendations for Cybersecurity Awareness Month, he said, “much like these suggestions, organizations prioritizing proactive, preventative cybersecurity approaches will help produce long-term benefits on the nation’s security posture and overall resilience.”
Barlet also emphasized that “building cyber hygiene and resilience is an ongoing effort,” and advised that “agencies can bolster their resilience efforts by taking the next step in their Zero Trust journeys and implementing methods like Zero Trust Segmentation to strengthen their security posture and stop breaches from turning into disasters from these rising cyberattacks,”
“It’s vital for agencies practice their cyber hygiene and resilience efforts every day to stay ahead of changing evolving threats and remain mission-ready,” he said.
Matt Hayden, GDIT’s vice president of cyber and emerging threats, said that the annual Cybersecurity Awareness Month “offers a great opportunity for the professional cyber community to make the case for better cyber hygiene to the public.”
“Having everyone aware of the basics of cyber hygiene, including the urgency of updating phones and other devices when patches are released, is critical,” he said.
“We have seen a dramatic increase in cyber incidents in 2023, with ransomware acutely on the minds of C-Suite executives across the country,” he continued. “But while the public acknowledges the risk, survey after survey demonstrates a lack of understanding of how non-cyber professionals play a role.”
“At GDIT, we have used the Cybersecurity Awareness Month to engage with our workforce and community around security of personal devices and spaces, including a continuing focus on cyber hygiene for those who work remotely,” Hayden said. In addition, he said that the awareness month also creates an “opportunity for cyber professionals to explain to their families and friends what they do, but more importantly how everyone has a role to play in an increasingly digital world.”
“Cybersecurity Awareness Month underscores the paramount importance of safeguarding our digital assets,” said Mark Serway, CEO at Hitachi Vantara Federal. “In today’s hyper-connected world, protecting our data and prioritizing cyber hygiene practices is not just a priority; it’s an imperative, spanning both public and private sectors.”
“Organizations across these sectors share an unwavering commitment to cybersecurity, which is essential for the long-term security of our institutions and our nation,” he said. “It must inspire heightened vigilance, closer collaboration, and a continued pursuit of best practices to fortify our defenses within the ever-evolving landscape of cyber threats.”
“The ongoing dedication of both the public and private sectors reaffirms that we are making significant strides toward a safer digital future,” Serway said.
“Today’s cyber criminals move fast, and both the frequency and sophistication of their attacks has only increased,” said Mike Wiseman, Vice President, Public Sector, at Pure Storage.
Keying in on Federal needs, he said, “because government agencies hold some of the most valuable data, an airtight, holistic prevention, backup, and recovery plan remains critical to business continuity and an optimal citizen experience.”
“However, it’s important for agencies to understand that data protection doesn’t come down to a single product or solution,” he said. “Instead, agencies should strive to implement a technology ecosystem that empowers them to effectively manage and safeguard all data, no matter where it’s running.”
“Agencies can achieve stronger data security by driving meaningful infrastructure and application decisions – this can start with utilizing as-a-service or hybrid cloud capabilities,” Wiseman said.
