Why Cybersecurity Awareness Month still matters

Now in its 17th year, Cybersecurity Awareness Month still matters
(Image credit: Shutterstock / Askobol)

Cybersecurity is important. In fact, it was already important way back in the years before cybercriminals started making money out of malevolent software - before we needed terminology such as phishing, botnets, attack chains, exploit kits, malware, spyware and ransomware.

Back when computer viruses were almost entirely about showing off to imaginary chums or having a destructive joke at everyone else's expense on Friday the Thirteenth by deleting their programs one by one...

…well, even back then, cybercrime (as we unexceptionably call it now) was neither witty nor innocent.

Then, starting in about 2000 or 2001, cybercrooks figured out not only how to spread mayhem with malware, but also how to make money illegally, too. Lots of money.

Lots and lots and lots of money.

At the start of the 2000s, crooks were scamming $100 a time with popups for fake charities to which you'd send money for bogus good causes; by the end of the decade they were stealing payment card numbers and helping themselves directly to $1000s at a time; in 2020 they're into blackmail in a big way by stealing or scrambling your data and extorting you into buying it back for $1,000,000 a time.

Cybercrime directly affects all of us

No matter how unimportant we might feel in the digital economy, or how little we think we might have for cybercrooks to take, we all have data that's worth something to cybercrooks - and there are whole swathes of the cyberundergound getting wealthy at our expense just by stealing data to sell on to someone else.

Simply put: a cyber security injury to you can quickly turn into a cybersecurity injury to everyone else.

How can you help?

Well, one way is to support Cybersecurity Awareness Month, or CSAM for short, in your part of the world.

Yes, CSAM is getting on a bit - it's now in its 17th year (it started in the US back in 2004), so you'll find cynics who say, "But it's just the same old tired advice recycled every year by people who can't think of anything better to say."

We disagree, because the basics are still important, and we still haven't got them fully sorted out anyway.

Here's what we said seven years ago to the day, when CSAM hit its tenth year:

"Cybersecurity matters because there is a whole underweb of cybercriminals waiting to take money out of our economy if we give them half a chance. So let’s make an effort to give them less than half a chance. As we’ve said before, treat Cybersecurity Awareness Month as an incentive to change your digital lifestyle for the better, on a long term basis."

And that's what we're saying again

Sure, some of what you hear in CSAM will be cute but basic phrases you've heard before, such as advice to "pick proper passwords", encouragement to "stop - think - connect" before leaping onto websites and filling in personal data, and reminders that "if in doubt, don't give it out."

But even if you already do all of those things yourself all the time, what about your friends? Your family? Your colleagues?

Your attitude can help them improve their cybersecurity too, so our motto for CSAM 2020 is this: ‘Friends don’t let friends get scammed.’

Because an injury to one is an injury to all.

  • Paul Ducklin, Principal Research Scientist, Sophos.
Paul Ducklin

Paul Ducklin, Principal Research Scientist, Sophos. He is a great leader and is passionate about technology.