This is the 15th Anniversary of the first federal CyberSecurity Month
This month marks the fifteenth anniversary of the National Cyber Security Awareness Month (NCSAM). A collaborative effort between both the federal government and industry and led by the the Department of Homeland Security and the National Cyber Security Alliance, the NCSAM was created with the goal “…to ensure every American has the resources they need to stay safer and more secure online.”
Following the lead of the U.S Department of Homeland Security, in 2015 Massachusetts officially declared the month of October as National Cyber Security Awareness Month. In commenting on the occasion, Governor Baker said then,
This month is a great opportunity to raise awareness about the importance of cyber security for the people of Massachusetts, our businesses, and state government,” said Governor Charlie Baker. “The cyber security field also represents a great opportunity for Massachusetts to utilize the multidisciplinary collection of assets and capacities in our universities, our industries and our government to be a leader globally in cybersecurity services.”
The decision to dedicate the whole month to cybersecurity awareness was in response to the growing importance of cybersecurity for financial services. This need is only growing. In the wake of the news this week that Facebook suffered a massive data breaching of approximately 50 million accounts, no company is immune to a potential breach.
Current employees remain the top source of security incidents
According to the latest data from PricewaterhouseCoopers Global State of Information Security Survey for 2018, the main source of security incidents continue to arise from the actions of current employees.
Incidents attributed to hackers, competitors and other outsiders have declined. However, those attributed to insiders, such as third parties—including suppliers, consultants and contractors—and employees, have stayed about the same or increased.
— The Global State of Information Security® Survey 2018
With this statistic in mind, Agency Checklists thought it would be beneficial to revisit the following:
How insurance professionals can make the work place more cyber secure
Independent agencies and insurance companies alike hold a wealth of highly sensitive data. As such, it is important that companies, large or small, take a look at cyber security, not only as another line of insurance to offer their insureds, but as security measure to ensure the safety and protection of their clients data.
With that in mind, the following are some tips that the MassIT Enterprise Security Office has offered in the past as a way to ensure better cyber security. Agency Checklists is reprinting them again this year as they are tips that can be shared both in your office as well as with your insureds:
-
Make all passwords complex and be sure to implement a policy in which they are changed regularly; Better yet, look into the industry initiative SignOn Once; Also be sure to include a protocol to handle passwords from departing employees;
-
Only open emails or attachments from people you know;
-
Think about creating electronic and or physical back-ups or copies of your company’s most important data or work.
-
Keep an up-to-date computer, meaning that all computer programs and software are updated in a timely fashion;
-
Use a screen saver on your office computer that activate within a maximum of 15 minutes after no keyboard or mouse activity; this helps avoid a vulnerable work station resulting from an impromptu absence from your office due to a meeting, etc.
-
Lock your computer each evening by pressing “CTRL+ALT+DELETE then select Lock this computer”