Start with grasping the significance: Most people know the terms — malware, spam, virus, trojan, denial of service, phishing, etc. and so may be deluded into thinking they know how these scams work. In fact, the techniques used in cybercrime represent levels of sophistication far beyond the grasp of most people and too many businesses.
So how is cyber security awareness best effected? Well, the Business Continuity and Risk Management community, of which I am a member, is proposing the education start at common points of interaction, including the popular social media sites and trusted organisational web pages. Getting end-users familiar with security and protocols for their most frequent online activities helps to create a level of expectation and promote awareness. Education is a mammoth task and there is no silver bullet.
The US Government has designated October as National Cyber Security Awareness Month (NCSAM) to promote awareness of the security risks associated with the computer age. In a world where the United Nations have declared the Internet “a key means by which individuals can exercise their right to freedom and expression,” is it any wonder that those same channels have become the target of the unscrupulous criminal, often seeking to exploit our naivety to gain access to our information and ultimately our funds? Governments worldwide have an important duty of care regarding the security of their citizens and the integrity of their infrastructure, and cyber security sits at the cornerstone of this duty. Business should get prepared and should not rely on governments alone.