Hacktober 2019 – Improving Security Consciousness at Your Financial Institution
October is National Cybersecurity Awareness Month, so you may see companies raising cybersecurity awareness among their employees through a variety of activities. The goal is to make a security ethos a core part of workplace culture through activities that resonate with employees.
In recognition of National Cybersecurity Awareness Month, we’re sharing how you can enhance cybersecurity awareness among your employees.
Tips to Improve Security Consciousness
- Provide a safe space for employees to report security issues
- Secure code to prevent vulnerabilities
- Secure data to prevent the sprawl of Personally Identifiable Information (PII)
- Provide well-defined security policies and procedures
- Establish defense in depth controls (e.g., firewalls, antivirus, endpoint detection and response, data loss prevention)
- Develop an incident response strategy
- Establish advance relationships where third-party help maybe necessary (e.g., forensics)
- Host fun cybersecurity education activities for “Hacktober”
- Unauthorized software installation (e.g., browser extensions or software prohibited by company policy)
- Phishing and social engineering
- Team members tampering with security controls
- Misuse of system access and network privilege
Hacktober at Alkami
We take advantage of the month of October to embed security in the consciousness of the enterprise. Our design team creates a fun mascot (it’s a ninja this time around), which gets used in all events in the company during the month. We use a combination of deeply technical (e.g., how to avoid security vulnerabilities in code) and non-technical contests (e.g., strong password contest or cybersecurity word search) so that everyone feels comfortable participating.
Beyond Hacktober, we continuously conduct phishing and social engineering testing. We do our best to make these tests fun, but we also require training for those who fail the tests.
When an organization can rally around their security program, their security consciousness grows and defense against daily threats improves. Establishing a long-term vision and guiding principles for security in your organization will help keep you and your users secure.