Thales Blog

Cyber Security Awareness Month: Time to Act and Protect Trust

October 25, 2022

Carsten Maple Carsten Maple | University of Warwick More About This Author >

We’re approaching the end of Cyber Security Awareness Month, an annual event dedicated to increasing awareness of cybersecurity topics globally. In a world that increasingly faces cybersecurity risks and attacks, the event aims to encourage people, businesses, and institutions to adopt the correct cybersecurity practices to keep them safe from attacks on their data, personal information and finances.

The two key themes of the campaigns led by the United States and the European Union – ‘See Yourself in Cyber’ and ‘Think Before U Click’ - demonstrate that while cybersecurity may seem like a complex technical subject, ultimately, it’s really all about people.

Data breaches damage trust

“The proliferation of digital has seen us move from bricks and mortar stores and banks to online services. And whilst digital has often improved experiences through its ability to make processes easier, faster, and simpler, this shift has taken us on a rapid trust journey. In fact, for these digital services to be trusted, consumers must first be assured that they and their data is secure.”

Professor Carsten Maple, University of Warwick

Although digital transformations have put us generally more at ease, it only takes a second for hard-won trust to disappear. Thales has worked together with the University of Warwick to produce the 2022 Consumer Trust Index survey, which includes some interesting findings:

33% of consumers globally have become victims of a data breach

82% of the data breach victims report that they have seen a negative impact on their lives

What is worrying, though, is that although privacy regulations like the GDPR mandate the report of a data breach to the competent national authority, 11% of companies waited 6 months before informing their clients!

Time to act

The increasing number of cyber-attacks and their impact on our lives is having a profound negative effect on digital trust. The level of this trust varies across countries and continents:

Who least trusts digital platforms to hold and process personal data?

Who most trusts digital platforms to hold and process personal data?

Is this a misplaced confidence?

Because of the impact of data breaches, those aware of a breach are more likely to take additional precautions to protect their personal data than those who don’t know they are victims of a data breach. While organizations are responsible for implementing robust security practices, it is equally important that consumers look to protect themselves against external threats too.

Implementing a resilient multi-factor authentication and choosing unique and strong passwords are essential for building better defenses to protect our data, there are also additional steps that citizens can take.

Recognize phishing

Phishing is a popular tactic for cybercriminals. Cybercriminals increasingly employ social engineering tactics because they are effective. Anyone can be caught by the right phish at the wrong time. Besides affecting many businesses, phishing is also used to compromise people and families through social media or email.

Cybercriminals have grown increasingly convincing and persuasive in their phishing attempts. According to Jessica Barker, social engineering is effective because it manipulates our emotions to cloud our judgment. Everything depends on how we take in information. Cybercriminals want us to think quickly while we are still susceptible, emotional, and simple to control. They manipulate our emotions to persuade us to click questionable links, download dangerous attachments, and disclose our credentials.

Spend a few moments ensuring an email or message is legitimate before clicking any links or downloading any attachments. Recognizing a bogus email or message as part of a criminal's phishing campaign can be challenging.

  • Do not follow the instructions if you receive a suspect email.
  • Do not reply to the email or click any links, not even the unsubscribe button.
  • Press the delete button, and then strengthen security by blocking the sender’s address in your email program.

Keep your software updated

Keep your information secure. Software updates are one of the simplest ways to stay one step ahead of the bad guys. Criminals are always on the lookout for the easiest way into our personal data, and vulnerable software is an easy target.

When you keep your software updated, you achieve two essential security goals.

  • Make the attacker’s life harder. Threat actors view software flaws as unlocked doors that provide them access to infect systems with malware. Software security updates close these open gateways to prevent attacks on a system.
  • Safeguard your data. A threat actor that gains access via a software security gap will want to compromise personal data, including passwords and financial information. Your data is better protected when software is updated to address known vulnerabilities.

Here are two tips for downloading and installing updates.

  • Download software updates solely from the software vendor. Software that has been cracked or used without a license frequently has viruses and creates more issues than they fix.
  • Automate the process. The option to automatically update your program is typically defaulted by software vendors. Please do not change this setting and allow automatic updates.

So, this October and every month of the year: Let’s commit and do our part to #BeCyberSmart.