CISA Offers Guidance on Cybersecurity Awareness Month’s 20th Anniversary

By | October 25, 2023

As the world’s digital ecosystem has grown and become more complex, Trent Frazier, deputy assistant director in the stakeholder engagement division at CISA, or the Cybersecurity and Infrastructure Security Agency, said on this episode of The Insuring Cyber Podcast that collaboration among government and industry will be key moving forward.

“I think we could say that the scale of our collaboration has grown to match the complexity of the ecosystem as a whole,” he said. “I think as we look at the continuing evolution of the digital ecosystem across the country, what we see now is that our digital lives and our physical lives are so intermixed and interconnected now that collaboration has to happen at scale across every interaction we have with that digital ecosystem. So, we now have collaborative efforts happening in real time where we have government and private sector folks working together on actual cyber incidents, sharing information, doing the analysis.”

His comments come as it is the 20th anniversary of October being recognized as Cybersecurity Awareness Month. In honor of the anniversary, the Cybersecurity and Infrastructure Security Agency, or CISA, launched a new campaign called Secure Our World.

This campaign offers simple steps individuals and businesses, including insurers, can take to keep themselves secure by promoting behavioral change across the U.S. The program has a particular focus on how individuals, families and small to medium-sized businesses can focus on what CISA identifies as four critical actions: using strong passwords, turning on multifactor authentication, recognizing phishing attempts, and updating software regularly.

“I think one of the reasons that we’ve launched Secure Our World as a new campaign is because we’ve really reached a pivot point in the expansion of that digital ecosystem, and that pivot point really reflects a transition from a time when what was digital and what was part of our physical lives were sufficiently discrete that we could sort keep them separate at a certain point,” he said. “Now, they’re merging so much that they are becoming part of what we consider our world … it really reflects our acknowledgement that we’re making that pivot now as a society to a world that is fundamentally underpinned by a digital ecosystem that must be defended.”

He said the growth in the digital ecosystem mirrors changes in the threat landscape as a whole as technology has increasingly become enmeshed in our daily lives.

“What we’re seeing now is that there are just an exponential number of new attacks that are exposed because of that interconnectedness between the digital world and our real world,” he said. “We are increasingly seeing that that expansion now is not only opening new attack services, but it’s really opening new avenues for adversaries to use more complex, challenging threat vectors as they’re carrying out those attacks.”

With this in mind, cybersecurity has become a fundamental part of daily live, he added, which is where collaboration comes in.

“We want to make security front and center to ensure that consumers are protected from the outset, and we’ve seen a lot of engagement with industry partners on how to bring that that vision,” he said.

The insurance industry is no exception as it has increasingly been working with the federal government on raising awareness about cybersecurity and finding solutions for cyber risk.

“We absolutely expect that collaboration to continue,” he said. “The real benefit at the outset and over time has been insurers are probably one of the stronger voices for translating cybersecurity into a deeper conversation about how cyber is a part of the financial health of an organization as a whole. It’s important because insurers can oftentimes translate discussions that normally would happen within the IT element of a business into conversations actually happening within and across the board, and that alone is oftentimes the vehicle for really bringing to bear a lot of deeper conversations about what industry and government can do to better protect business networks and users within those networks.”

He added that he believes insurers will become an increasing part of the government’s dialogue about the potential ramifications of large-scale cyber attacks because of their insight into the economy.

“They bring a lot to the conversation about what we should anticipate as we see increasingly interconnected networks and what could happen if those networks were compromised and thus disrupted by a cybersecurity attack,” he said. “We anticipate that the depth of that collaboration will grow and the scale of that current collaboration will have to evolve again as we anticipate the evolution in the threat landscape.”

Indeed, he added that cybersecurity “is increasingly becoming a team sport.”

“It’s no longer the case that government or cybersecurity professionals or industry by themselves can tackle the challenges in front of us,” he said. “This has to be a collective effort, so Secure Our World is sort of the next iteration of that collaboration where we want to ensure that every member of the team understands their part in the larger landscape and how we can work together to secure our networks.”

Check out the rest of the episode to see what else Trent had to say and be sure to check back for new episodes of The Insuring Cyber Podcast publishing every other Wednesday along with the Insuring Cyber newsletter. Thanks for listening.

Topics Cyber

Was this article valuable?

Here are more articles you may enjoy.