By: Anna Ribeiro
The U.S. administration once again intensified its efforts to defend the digital world, recognizing it as crucial for the safety and security of the nation and its citizens. During National Cybersecurity Awareness Month, there is a renewed commitment to safeguarding data and technologies from malicious hackers and cyber threats, calling upon citizens to enhance their cybersecurity knowledge. Additionally, there is a pledge to ensure that America can fully benefit from the positive impacts of the digital future.
“My Administration is committed to securing the digital ecosystems that touch nearly every aspect of American life. That is why I released the National Cybersecurity Strategy, which lays out 100 actions the Federal Government, along with our public and private sector partners, is taking to defend our increasingly digital world,” U.S. President Joe Biden wrote in ‘A Proclamation on Cybersecurity Awareness Month, 2024.’ “This strategy aims to ensure primary responsibility for creating a safe digital future is borne by technology companies and the Federal Government, entities that are most capable and best-positioned to reduce cyber-related risks for all of us. I have signed Executive Orders to secure the digital infrastructure of the Nation’s ports, fortify our supply chains, and strengthen our industrial base.
Furthermore, President Biden pointed out that his administration launched the ‘U.S. Cyber Trust Mark’ program, which works with product manufacturers and retailers to ensure Americans have the option of choosing safer smart devices. “Through executive action, we are also setting a higher standard of security for the software purchased by the Government,” he added.
President Biden further detailed that to keep the nation’s digital world safe, “we are supporting efforts to build a strong cyber workforce that is ready to meet this moment. My Administration is committed to investing in the next generation of cybersecurity experts and opening up more opportunities for Americans to pursue a cyber-based career. We have invested in infrastructure projects across the country, where America’s workers are building semiconductors and making our electric grids more resilient to cyber threats.”
Furthermore, the President highlighted that his administration also released a National Cyber Workforce and Education Strategy focused on giving more Americans access to the skills and education needed to pursue good-paying jobs in the cyber field. “We have made the Federal Government a model for that work by transitioning the hiring process for cyber positions in the Federal Government to be skills-based –- focusing on required skills and removing unnecessary degree requirements.”
He also pointed to the ‘Service for America’ campaign launch with a recruiting and hiring sprint to connect more people to cyber jobs and fill critical vacancies. “And we are working with academia and the public and private sectors to grow the national cyber workforce by providing high-quality training, scholarships, paid internships, and Registered Apprenticeships.”
“My Administration is ensuring that America leads the world in cybersecurity, and we are working with our international partners to combat cyber threats,” President Biden said. “We are convening the nearly 70 member countries and international organizations of the International Counter Ransomware Initiative launched by my Administration to address the scourge of ransomware at both an operational and a policy level. We are working closely with allies and partners to bolster our cyber defense so that we can communicate and support one another in response to cyberattacks. And we have established cybersecurity goals that are rooted in protecting our shared democratic values.”
The President also noted that, during National Cybersecurity Month, “we recognize the important role that cybersecurity plays in keeping Americans safe, protecting our institutions, and upholding our democracy. We honor all of the cybersecurity professionals, who are working tirelessly to defend our digital world. And we look forward to all that we will accomplish as we work together to advance cybersecurity.”
Having once again proclaimed October 2024 as National Cybersecurity Month, the President called upon “the people, businesses, and institutions of the United States to recognize and act on the importance of cybersecurity and to observe National Cybersecurity Month in support of our national security and resilience. I also call upon businesses and institutions to take action to better protect the American people against cyber threats and create new opportunities for American workers to pursue good-paying cyber jobs.”
The President called upon Americans to take immediate action to better protect themselves by turning on multi-factor authentication, updating software on computers and devices, using strong passwords, and remaining cautious of clicking on links that look suspicious.
On Tuesday the U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched the 21st annual Cybersecurity Awareness Month. Throughout October, CISA, in collaboration with the National Cybersecurity Alliance (NCA), will emphasize the theme ‘Secure Our World’ by providing the public with essential information on how to maintain online safety.
CISA encourages collective efforts to enhance global security by adopting four measures that can ensure online safety for all. The agency suggests using strong passwords that are long, random, and unique to each account, and adopting a password manager to generate them and to save them; and turning on multi-factor authentication on all accounts that offer it. More than a password is needed for the most important accounts, such as email, social media, and financial accounts. It also suggests recognizing and reporting phishing and updating software. In fact, enable automatic updates on software so the latest security patches keep connected devices continuously up to date.
“CISA is excited to again partner with the National Cybersecurity Alliance and lead the federal government’s efforts to reduce online risk during this 21st Cybersecurity Awareness month and every month,” according to Jen Easterly, CISA director. “Our focus is working with government and industry to raise cybersecurity awareness and help everyone, from individuals to businesses to all levels of government, stay safe online in our ever-connected world. Protecting ourselves online is about taking a few simple, everyday steps to keep our digital lives safe.”
“During Cybersecurity Awareness Month, messaging to already-cyber-conscious audiences is often redundant. It’s time to take a different approach—one that focuses on students and builds real connections,” Lynn Dohm, executive director at Women in Cybersecurity (WiCyS), wrote in an emailed statement. “To cut through the clutter, we need to simplify the message and empower the next generation to see themselves in cybersecurity. This month isn’t just about raising awareness; it’s about shaping the future leaders of this field.”
To shake things up, Dohm added this Cybersecurity Awareness Month “we’re showing young women that they belong in this field by mobilizing our student chapters to reach high school students directly. We’re showing them that cybersecurity is already a part of their lives and doesn’t have to be intimidating.”
“We’ve developed a Cybersecurity Awareness Month toolkit, backed by our top-tier partners, that these student leaders will take into high schools, breaking down cybersecurity into simple, everyday language,” according to Dohm. “Many students don’t realize they’re already practicing cybersecurity when they use things like two-factor authentication. By having peers—people who were recently in their shoes—share this message, we’re making cybersecurity feel relevant and accessible. It’s not a big, scary concept; it’s something they’re already part of.”
Irfan Shakeel, vice president for training and certification services at OPSWAT, said that to ‘Secure Our World,’ protecting critical infrastructure must be a top priority, requiring proactive strategies to safeguard our society’s critical systems and sensitive data. “This effort must go beyond raising awareness and demand targeted cybersecurity measures vital for national security. In sectors we all rely on, such as energy, transportation, and healthcare, organizations should focus on real-world attack vectors, like SCADA system manipulation, to better understand the risks we face and enhance preparedness.”
Regular tabletop exercises simulating OT/IT breaches, strict enforcement of multi-factor authentication and network segmentation, and active leadership in fostering a security-first culture are essential steps for readiness and resilience. These foundational measures must be continuously reinforced to maintain vigilance across the organization.
“Cybersecurity should also be embedded throughout the product development lifecycle, starting with secure coding practices and early threat modeling,” Shakeel added. “Regular security reviews, vulnerability assessments, and the use of static and dynamic analysis tools ensure security is integrated from the start, reducing post-deployment risks. By embedding cybersecurity into each phase, organizations minimize vulnerabilities and strengthen overall security postures.”
To truly ‘Secure Our World,’ organizations must move beyond just identifying cyber risks and concentrate on actionable strategies to mitigate them, Scott Kannry, co-founder and CEO at Axio wrote in his statement. “This means fostering better communication among stakeholders, aligning on priorities that matter most to the business, and making decisions that focus on minimizing the potential impact of cyber incidents. As recent events like Crowdstrike have shown, even well-defended companies can be significantly affected, sometimes due to accidents. Thus, it is imperative to understand the ramifications of a successful attack (or accidental event) to effectively minimize business impact.”
“Cyber Risk Quantification (CRQ) can be a powerful tool in this effort, but only when it is used to drive business decisions rather than just measure risk. Aligning stakeholders on CRQ can help bridge the communication gap and create a unified approach to cybersecurity,” according to Kannry. “As cybersecurity threats evolve, so must our approach. Organizations that involve a broad range of voices and focus on practical outcomes will build more resilience and secure environments for everyone. This month serves as a reminder that securing our world is an ongoing effort that requires collaboration, clear strategies, and a commitment to continuous improvement.”
Read more HERE