Posts

National Cybersecurity Awareness Month: Password Pro Tips

October is typically associated with pumpkin spice lattes, college football, crunching leaves underfoot and ghostly fun, but did you know it’s also Cybersecurity Awareness Month?

This is the month when industry and government alike come together to spread knowledge on good cybersecurity hygiene practices for both individuals and organizations. By raising cyber awareness, we hope to instill knowledge about various cybersecurity touchstones as well as best practices for staying safe in the constant churn and burn of cyber threats.

Throughout this month, SonicWall will be exploring multiple different cybersecurity awareness themes in a series of blogs. Today’s focus: strong passwords.

What is a Strong Password?

A strong password is a password that uses multiple types of characters to make it harder for hackers to guess. In the modern world, hackers use all sorts of methods to brute force passwords, and if your password is something like halloween2023 or password1234, threat actors can crack your password through brute forcing in a matter of moments. A good password will be:

  • At least 16 characters long
  • Consist of uppercase letters, lowercase letters, numbers and symbols
  • Not based on your personal information
  • Unique to each account

For example, $4wDeX76PoTG7?!0 is going to be nearly impossible for a hacker to brute force.

Password Managers

You may, like me, look at a password such as $4wDeX76PoTG7?!0 and think, “How in the world would I remember a password like that for every account I have?”

Fret not – this is where password managers come into play.

Password managers are built specifically to help you create secure passwords and keep track of them. There are multiple free password managers that can be used by individuals such as KeePass or BitWarden. There are even password managers built specifically for businesses and larger organizations like DashLane.

Password managers securely store all of your unique passwords for each of your accounts, so when you use a password manager, you don’t have to worry about forgetting a password. They’ll be readily available any time you need them.

Get on Board

According to Dark Reading, weak and reused credentials are near the top of the list of vulnerabilities in many organizations. Despite efforts to increase awareness on strong password practices and password managers, many organizations and individuals continue to use weak passwords, making them prime targets for hackers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has its own guide on creating strong passwords that’s also worth a read.

The bottom line is that all organizations need to get on board with requiring strong, unique passwords that make it much more difficult for threat actors to guess. In our next Cybersecurity Awareness Month blog, we’ll cover multi-factor authentication (MFA), which is the perfect tool to pair with strong passwords to maximize protection.

Better Together: The Role of Women in Securing Our World

During a fireside chat last fall, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly summed up the forward-looking stance that’s come to characterize her tenure. “We need to look at the possible,” she told audience members. “We’re all in this together.”

This philosophy of togetherness is what underpins the events of Cybersecurity Awareness Month each October. Every year, government agencies and the cybersecurity community come together to encourage individuals to play a more active role in keeping every aspect of our digital lives safe.

But this year’s Cybersecurity Awareness Month has been a true inspiration — and not just because it’s the 20th anniversary year. This October CISA also announced its new, enduring cybersecurity awareness program, “Secure Our World.” This exciting initiative was designed to encourage greater cyber-awareness across the U.S. by sharing ways that individuals, families, and small- and medium-sized businesses can minimize threats to our online universe.

With Secure Our World, Easterly and her team have done an amazing job of distilling a highly complex set of concepts into a powerful, bite-sized story. Some of the messages may be a bit oversimplified for those with working knowledge of cybersecurity, but given how uncommon this sort of knowledge still is, it’s definitely a step in the right direction.

Information security has been designated a government-wide high-risk area since 1997, and the federal government has focused on protecting critical cyber infrastructure since 2003. At no point in the 20 years since then has there been such a concerted and ongoing effort, globally or across the United States, to educate everyone about the importance of cybersecurity and our role in keeping our lives, and our families’ lives, secure. Dare I say it took a woman at the helm of CISA to help tell that story?

This sort of unique perspective is one of the reasons why it’s important to encourage women to enter the cybersecurity field. Today, the industry is only 25% female. And while that’s up dramatically from the 10% in 2013, women are still highly underrepresented.

This is unfortunate not just because women can bring so much to the cybersecurity community, but also because cybersecurity can offer such a fulfilling and enjoyable career. It certainly has been for me: I got my start with the Sourcefire marketing team, just after they were acquired by Cisco. The team — including then-CMO Marc Solomon, CP Morey, Jennifer Leggio and the company’s badass threat research team — welcomed me in.

While cybersecurity has its ups and downs like any industry, it’s been more than a dozen incredibly educational and rewarding years, and I’ve never looked back. Now that I’ve joined the team here at SonicWall, I’m super excited to bring my industry knowledge to a company with a rich history spanning decades. I joined SonicWall because of its phenomenal culture and established place in the cybersecurity industry, and because of its loyal partners.

I wholeheartedly agree with SonicWall’s vision. SonicWall is elevating its game, both in terms of empowering our partners and in upleveling our product and solution offerings. I’m excited for the chance to do my part to help further that journey.

It isn’t just a pivotal time for SonicWall, though. It’s a pivotal moment for cybersecurity in general. My work in cybersecurity has opened my eyes to so many dangers that a lot of people don’t even think about — and these risks are growing and expanding to some unexpected places.

I have a five-year-old and, unlike many of their friends, they don’t have a tablet. This might sound extreme, but I believe that if you leave online connected devices anywhere in your house, you’re basically letting a stranger into your home. From baby monitors that can be hacked to allow strangers to watch your children, to (often poorly secured) devices that track things like biometric data and the layout of your home, you can never be sure who’s watching what — or what they’ll do with the info they have.

This lack of visibility is just one of the reasons that initiatives like Secure Our World are so important. While there are so many benefits to the online world, risks abound. As end users, as employees, as parents — as citizens — we have to be more diligent about how we go about our digital lives. We can’t afford to see cybersecurity as “something tech workers do.” It must become something that all of us do.

That’s why, as a woman working in cybersecurity, I’m so excited to see what the future of CISA’s awareness initiatives holds. If this program someday becomes as well-known as, say, “Click It or Ticket” or “Safe to Sleep,” imagine how much more informed and safer the world could be!

National Cybersecurity Awareness Month: 20 Years of Securing Our World

Twenty years ago, the first Cybersecurity Awareness Month was celebrated—and every year since, it’s continued to serve as a reminder of the role we all play in ensuring the world’s networks remain safe.

Today, Cybersecurity Awareness Month has evolved into a collaborative effort between industry and government to enhance cyber-awareness, empower the public with actionable steps for reducing online risk, and encourage an ongoing dialogue about cyber threats on a national and global scale.

In concert with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA), who administer the program, SonicWall will spend this month exploring ways to help organizations and individuals protect their information and secure their systems and devices.

What’s In Store for Cybersecurity Awareness Month 2023?

During the month of October, we’ll explore four primary themes, offering background, tips and actionable strategies to help everyone in the workforce engage in reducing cyber risk:

  • Use Strong Passwords: Strong passwords are long, random, unique and include all four character types. Password managers can be a powerful tool in helping ensure your passwords are optimized for online safety, not maximum convenience.
  • Turn On MFA: Passwords alone aren’t enough: If your credentials are compromised in a breach, anyone can access your accounts. But using Multi-factor Authentication (MFA) makes it significantly less likely that you’ll get hacked.
  • Recognize and Report Phishing: Phishing messages are getting more sophisticated every day. Be wary of any unsolicited message requesting personal information: Don’t share your credentials with anyone, and never share sensitive information unless you can confirm the identity of the requestor.
  • Update Software: While zero-day exploits continue to dominate discussions about cybersecurity, the sad truth is that many breaches are the result of unpatched vulnerabilities that are years old. Ensuring that your software is up to date is an important way to ensure you’re not leaving an open door for attackers.

How CISA Is Working to Secure Our World

In conjunction with the year’s Cybersecurity Awareness Month themes, CISA also announced a new initiative in celebration of the Cybersecurity Awareness Month’s 20th anniversary. “Secure Our World” will be a new, enduring cybersecurity awareness campaign unifying messaging across CISA’s span of awareness programs and other efforts.

Secure Our World is designed to shape cyber behaviors nationwide, with a particular focus on how individuals, families and small- to medium-sized businesses (SMBs) can make a difference. It will encourage everyone to take action each day to protect themselves while online or using connected devices.

In the meantime, don’t forget to check back frequently during October — we’ll be adding a new blog each week to help SonicWall users and the wider community become significantly safer online.