Hopefully, everyone reading this knows that next month is national Cybersecurity Awareness Month. But, maybe some of you didn’t, and that’s part of the reason why I’m writing about it. The other part is because it’s an important month every year, but especially important this year. 


Well, I’m glad you asked because I’m excited to share the big news. 

October was declared Cybersecurity Awareness Month back in 2004 by former President George W. Bush and Congress, which makes this year the 20th anniversary. 

To celebrate this milestone, The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) are launching a new awareness program that will encourage four simple steps every American can take to stay safe online. These are “simple actions we should all take not only during Cybersecurity Awareness Month, but every day throughout the year,” according to CISA.

The four steps

  • Use strong passwords and a password manager: Strong passwords are critical to protecting data. They are long, random, unique, and include all four character types (uppercase, lowercase, numbers, and symbols). Password managers are a powerful tool to help you create long, random, and unique passwords for each of your accounts. Plus, they make storing passwords and user IDs easy.
  • Turn on multifactor authentication (MFA): You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked. Enable MFA on all your online accounts that offer it, especially email, social media, and financial accounts, and use authentication apps or hardware tokens for added security. Learn more about multifactor authentication.
  • Recognize and report phishing: Phishing emails, texts, and calls are the number one way data gets compromised. Be cautious of unsolicited emails, texts, or calls asking for personal information. Avoid sharing sensitive information or credentials over the phone or email unless necessary and don’t click on links or open attachments sent from unknown sources. Verify the authenticity of requests by contacting the individual or organization through a trusted channel. Report phishing attempts to the appropriate authorities or IT department. Learn to recognize the signs of phishing and report these incidents to protect data and devices.
  • Update software: Ensuring your software is up-to-date is the best way to make sure you have the latest security patches and updates on your devices. Regularly check manually for updates if automatic updates are not available and keep operating systems, antivirus software, web browsers, and applications up-to-date.

What can you do?

Even if you practice good cyber hygiene every day, there’s always something more to learn or do. So, with October right around the corner, start thinking about how you’re going to celebrate 20 years of cybersecurity awareness, and share your ideas with me and our readers on social.