banner

Thales Blog

Cybersecurity Awareness Month: Resilient Multi-factor Authentication (MFA) and Strong Passwords

October 4, 2022

Dirk Geeraerts Dirk Geeraerts | Security Evangelist More About This Author >

Historically, October has always been an important month for the cybersecurity community and a month of major cybersecurity events. So in 2004, the President of the United States designated October as Cybersecurity Awareness Month. This year, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) coordinate the collaboration between the government and industry, running a human-centric campaign themed “See Yourself in Cyber”.

On the other side of the Atlantic, the European Union Agency for Cybersecurity (ENISA), in coordination with the EU Member States, will conduct the European Cybersecurity Month (ECSM) for the 10th consecutive year to promote cyber security among EU citizens.

The purpose of these events is to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime by adopting well established best practices, like the use of Multi-Factor Authentication (MFA) and establishing strong passwords.

Raising awareness is essential for everyone

As cyber threats and risks to technology and sensitive data proliferate widespread, the dissemination of cybersecurity information and best practices through educational awareness activities is critical for organizations and citizens on a worldwide scale to make informed decisions in their daily lives and protect themselves online.

October is for the cybersecurity world what Oktoberfest is for beer lovers. Awareness events foster to shape human attitude, enhance a positive culture against cyber threats, and educate businesses and people about protective measures they can take to secure their sensitive personal data:

  • Enable MFA.
  • Use strong passwords.
  • Recognize and report phishing.
  • Update software.

A CISA advisory highlights that, “MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99% less likely to have an account compromised.”

Quantitative data on human cybersecurity awareness

Human cybersecurity awareness: easy to write about but extremely complicated to achieve, as it has to do with us, the (im)perfect species of humans, and our unruly minds. Cybersecurity is complex, but our cognitive domain is even more so.

How do people perceive cybersecurity? How much do they trust industries to keep their sensitive data secure? How do cyber attacks impact them, and how are they protected? The 2022 Thales Consumer Digital Trust Index data , based on an Opinium survey conducted in 11 countries with more than 21K participants, attempts to answer these questions.

The survey results showed there is a lack of consumer trust across industries to protect their data, as 4 out of 5 people have experienced a negative impact on their lives after a data breach. Most of the impact is fraudulent financial and personal information use and tailored scams based on their information.

The Thales Trust Index report indicates that more than 50% of the survey’s participants believe that organizations that suffered a data breach should be obliged to take data security measures by implementing encryption and user authentication protocols. Tangible changes and measures, like the use of phishing resilient MFA and strong passwords, are considered of great importance as they can mitigate future data breach risks and improve data security drastically.

Resilient multi-factor authentication and strong passwords are critical

GDPR and other data protection regulations help broaden our awareness about data privacy and make us more suspicious when it comes to protecting personal data and digital services. As cyber-attacks affect businesses and customers, the quest for optimum personal data protection is shared; both businesses and customers need to rebuild trust in their relationship and work together towards improving security and taking measures to reduce their exposure.

As we live in a fully digital world and all depend on web applications and machines, we tend to focus on their security and machine identities’ management, but what about the security of our identities and personal data? If we would like to implement sound cyber hygiene, we need to think of humans first and implement sturdy user authentication protocols.

The use of strong but user-friendly passwords and phishing-resistant MFA, coupled with a zero-trust strategy, will guarantee the security of our sensitive data security and the protection of our human “secrets”. No doubt, complexity is another cybersecurity enemy, and as so, we need to keep MFA and passwords simple to ensure that they are handy and resilient against cyber threats.

Read the full 2022 Thales Consumer Trust Index and find out more about events around Cybersecurity Awareness Month.