Advocates for Change for Cyber Security Awareness Month

pip4V9WRwcebK8JohIA3C8K7 WXPsN8iWqeWEtLPoVvliTWYENIUZu8rMob9dwzYmOQmoYL1409UNdsa53PNpFLQGp oIP4D8a4NsUZWF bwFYmXeHkvG3Tg77ehuMEsDnTjJGxX=s0

The pandemic has prompted massive changes. Over the past 18 months, we’ve adapted and adjusted, implemented new processes and tools, and are acclimating to a “new normal.” While we’ve embraced an entirely new way to work, there is also a spotlight on how to do so securely. But the prevalence of vulnerabilities, exploits, and breaches is not new for the often underappreciated heroes behind the scenes—the security practitioners. 

So what has changed? The attacks have become increasingly more sophisticated and there has been a steady uptick in media coverage of large-scale cyber attacks and compromised infrastructure systems. In other words, the threats have evolved and the stakes are even higher, resulting in a growing emphasis on how to work securely.

This focus on cyber security isn’t just happening at the organizational level; government institutions are also passing mandates around expanded security measures to protect our digital lives (for example, the US President's Executive Order). New mandates and updated regulatory frameworks for digital security have catapulted this topic into the consciousness of everyone, not just practitioners. 

This heightened attention is a double-edged sword, as practitioners not only have to focus on keeping systems secure, but also spend time and resources on security education. Fortunately, as we breeze into October and temperatures change, the Information Security space starts to see an increased volume of cyber best practices and threat awareness campaigns from many different sources. 

Elevating cyber security awareness

The reason for this influx of knowledge sharing is because October is CyberSecurity Awareness Month. This year’s theme is to “Do Your Part. #BeCyberSmart,” which “empowers individuals and organizations to own their role in protecting their part of cyberspace.” According to the National Cyber Security Alliance, “If everyone does their part—implementing stronger security practices, raising community awareness, educating vulnerable audiences or training employees—our interconnected world will be safer and more resilient for everyone.” 

Cyber awareness is critical as we promote a culture of security within our organizations. We need to empower and educate all users—both internal and external—to take actions that will protect the expanded risk surface. Using multi-factor authentication, for example, will help mitigate the potential for a successful cyber attack. Thus, Cyber Security Awareness Month takes some of the burden off overtaxed security teams through increased security enablement. 

Addressing the shortage of diverse talent

Cultivating security awareness and sharing best practices shouldn't be our only area of focus. According to the 2020 Cybersecurity Workforce, the industry is currently in need of about three million qualified cyber security workers. The debate around whether there is in fact a talent shortage can be contentious, as is the topic of diversity in cyber security. But these statistics indicate that alongside knowledge sharing, it is equally important for us to nurture an open and welcoming community within the security space. By doing so, we can attract fresh, innovative perspectives and encourage the next generation of talent.

To tackle the shortage of diverse talent, several nonprofit organizations have formed. The result is an increase in conferences and communities that are designed to foster inclusion and bring in new talent. While these large-scale efforts help shine a spotlight on these areas, it ultimately comes down to the actions that individuals take to get involved and elevate the voices of others. 

Introducing our Cyber Security Advocates

As we drift into October, we wanted to broaden our focus from knowledge sharing to showcasing how to bring meaningful change to the security space. We will be highlighting the stories of Oktanauts and Auziros who are taking action, are involved in various committees, organizations, and communities, or have their own stories to share about breaking down barriers to enact change in the cyber security space. 

Throughout the month, we will be publishing a blog series featuring stories from our Cyber Security Advocates with a focus on community building. It is our hope that by sharing these stories, others may become inspired to dive into the world of cyber security and help address the shortage of diverse talent.

Excited to get involved and make a change? Stay tuned for our next post in this series, find out how Okta is committed to Diversity and Inclusion, or learn about our giving back initiatives through Okta for Good.