October is European Cyber Security Month (ECSM). This marks the fifth anniversary of the initiative and builds on the activities started in previous years. The concept of a cybersecurity awareness month began in the U.S. 14 years ago with the aim of promoting cybersecurity for all computer users, from consumers to governments. Over time, many jurisdictions around the world have taken on similar initiatives.
The main goals of ECSM are to promote the importance of information security by raising awareness about the issues and providing practical steps that citizens and organizations can take to protect personal, financial and professional data.
Themes for This Year’s European Cyber Security Month
The initiative is being coordinated by the European Union Agency for Network and Information Security (ENISA), along with the European Commission Directorate General for Communications Networks, Content and Technology (DG CONNECT) and a wide range of partners from across the region. In 2017, 35 countries are taking part, and there are a total of 483 events taking place throughout the European Union (EU). The official website offers videos, presentations, infographics and online quizzes that provide supporting material for participants.
Every year, ECSM designates specific themes for each week during October focusing on different aspects of the security landscape. Below are this year’s themes.
Week One: Cybersecurity in the Workplace
Week one focuses on raising awareness about information security in the workplace among employees, IT professionals and senior management. It also touches on educating users about current threats that are particularly prevalent, including ransomware, phishing and the ongoing problem of malware. The goal is to provide practical tips to help everyone in the workplace practice better digital hygiene.
Week Two: Governance, Privacy and Data Protection
Given the looming deadline for compliance with the new General Data Protection Regulation (GDPR) and other directives, the focus of the second week is on governance, privacy and data protection. The aim is to help organizations understand what they need to do to be prepared for stricter data protection and privacy requirements.
Week Three: Cybersecurity in the Home
Week three emphasizes raising security awareness among citizens and general computer users. It will focus on threats associated with the deployment of increasingly smart and networked devices that make up the Internet of Things (IoT), including home and building automation systems, and the need to protect against fraud and online scams. Guidance will be provided on how to protect home networks from these threats and how to guard online privacy.
Week Four: Skills in Cybersecurity
Week four focuses on developing cybersecurity skills. There is already a worldwide shortage of skilled security professionals and, according to ISACA, there will be a shortage of 2 million information security professionals by 2019. It is vital to encourage the younger generation to consider careers in cybersecurity. To this end, training and education are particularly crucial.
A Shared Responsibility
The themes of the four weeks are intended to reinforce the notion that cybersecurity is a shared responsibility. The effort aligns with other initiatives such as the EU Cybersecurity Strategy, which promotes an open, safe and secure cyberspace, as well as the Stop.Think.Connect. campaign, which started in 2010. This initiative provides numerous resources, tips and advice in a range of languages to spread awareness worldwide.
European Cyber Security Month has expanded considerably in the past five years. Weaknesses that have been identified in previous years, such as the need for better awareness materials, are being ironed out. The increased focus on training, strategy summits and general presentations can help the individuals and organizations of all sizes better prepare for and respond to cybersecurity threats.