October 2023 marks the 20th Cybersecurity Awareness Month campaign.
Together, the National Cybersecurity Alliance (NCA) and the U.S. government’s Cybersecurity and Infrastrasture Security Agency (CISA) want to bring attention to the ever increasing importance of staying secure online—which the organizations believe is crucial for individuals and businesses of all ages.
Master’s in Cybersecurity Online From UC Berkeley
Earn a Master’s in Cybersecurity Online in Just 20 Months Visit WebsiteAccording to CISA, 47% of American adults have had personal data exposed by cyber criminals. And with 2023 bringing an all-time-high for the average cost of a data breach—$4.45 million—more half of organizations are investing more in cybersecurity infrastructure, IBM reports.
Lisa Plaggemier is the executive director of the NCA. She believes it is more important than ever for individuals to act on protecting their data online.
The four emphasized behaviors of Cybersecurity Awareness Month are the same as last year, she says, because there still is progress to be made. The behaviors include:
- Using strong passwords and a password manager
- Turning on multi-factor authentication
- Recognizing and reporting phishing
- Updating software
“Right now, we still have a long way to go on just some basic cyber hygiene—just people doing the fundamentals,” she tells Fortune.
While there is an increasing number of people utilizing and taking multi-factor authentication seriously, she notes half of Americans do not have access to cybersecurity training programs. According to new research by the NCA and CybSafe, 36% of American respondents acknowledged they have been victims of one or more cybercrimes.
Furthermore, 39% of worldwide survey participants reported frustration and 37% felt intimidated by the process of staying secure online.
Jobs with purpose
Based on talks with vendors and industry experts, the job market is cooling off slightly, Plaggemier says. But, she adds that jobs in cybersecurity can be among the most satisfying.
“It’s really hard to find jobs in the business world, that also gives you a sense of purpose,” she tells Fortune. “And I think we have cornered the market on that. You are literally fighting criminals and helping little old ladies cross the internet. It’s a job that allows you to be very mission focused, very mission driven.”
She also notes the industry is very tight knit and embracing community, with many opportunities for veterans, former members of law enforcement, and neurodivergent individuals.
“I think there’s really room for everybody, and I’ve never been in a field—and I don’t know anybody else who’s been in one—where you have such a huge sense of community within the broader community, like just globally,” she says.
According to data analysis by Cyberseek, there are about 663,000 open U.S. cybersecurity jobs. Last year, the Biden administration estimated this number at around 700,000.
However, while it can be important that cybersecurity jobs are filled, it may be more important that every member of society simply knows the basic best practices, Plaggemier notes.
Based on the NCA-CyberSafe data, there remain gaps in Americans’ training and implementation of cybersecurity. Only 30% reported using multi-factor authentication regularly, and many continue to incorporate potentially jeopardizing personal information into their passwords.
No one is immune
Cyber criminals target everyone, but some groups are composed more frequently, Plaggemier says. According to CISA, 600,000 Facebook accounts are hacked every day.
“The bad guys will ever stop attacking the financial services industry, but that industry is probably the one that’s shored up the most, defending themselves the best,” she notes.
Companies that have been slower to adapt to modern technology, small businesses, as well as young people may be more likely to be compromised, she says. Moreover, aging adults usually suffer the highest dollar amount losses since they simply have more to lose. With these challenges, Plaggemier adds there are misconceptions of fatalism and that cyber attacks are out of individual’s control.
Instead, Plaggemier suggests training needs to begin early in one’s interaction with technology and continue to be updated.
“I think every young person— the minute we hand a child an iPad, in the elementary school classroom—whether the minute we introduce any technology, it also should come with instructions on how to use it securely,” she says.
