The European Cybersecurity Month (ECSM) is the European Union’s annual campaign dedicated to promoting cybersecurity among citizens and organisations, and to providing up-to-date digital security information through awareness raising and the sharing of good practices. Each year, for the entire month of October, hundreds of activities take place across Europe, including conferences, workshops, trainings, webinars, presentations, online quizzes and more, to provide resources for citizens to learn more about protecting themselves online.
The ECSM has been coordinated by the European Union Agency for Cybersecurity (ENISA) for over 10 years and is supported by The European Commission, Europol, The European Central Bank and EU Member States, EFTA countries, and more than 300 partners (governments, universities, think tanks, NGOs, professional associations, businesses) from Europe and beyond. Please visit cybersecuritymonth.eu/ @CyberSecMonth and cybersecuritymonth on Instagram.
Since the first event in 2012, the European Cybersecurity Month has been reaching its key priorities by bringing together parties from across Europe under the slogan ‘Cybersecurity is a Shared Responsibility’ to unite against cyber threats. Each year, the campaign not only promotes the safer use of the Internet for EU citizens, but the organisers provide the knowledge and tools to do so. In this year’s European Cybersecurity Month Campaign, we are diving deep into the world of Social Engineering, where cybercriminals employ clever manipulation tactics to breach our security defenses. #BeSmarterThanAHacker is the 2023 motto that refers to the knowledge and tools we need to protect ourselves from cybercriminals.
What is social engineering?
Social engineering occurs when someone is manipulated into performing actions or giving up sensitive and/or personal information. Scammers will use the information disclosed by the victims in tricky ways meant to deceive them. This is how attackers take advantage of their victim’s trust in digital communications. Being tricked into performing an action is how we unconsciously help attackers to perform the attack they have devised.
ENISA identifies and analyses current and future cyber threats including the trends around social engineering. The increase in collection of behavioural data can lead to more targeted phishing attacks. The use of emerging technologies such as artificial intelligence (AI) and automation by machine learning allow attackers to analyse user behaviour and launch targeted attacks.
The ENISA Threat Landscape has found that phishing has become the most common initial vector, meaning social engineering is the most popular attack type to gain access to an organisation. Once attackers have access to the inside of an organisation, further attacks can be carried out such as ransomware.
The campaign will draw the attention of users of all ages to the different social engineering techniques used by attackers against them and enable them exercise caution. Activities and information will be provided to help them get familiar with the various ways in which they can be tricked by cyber criminals. They will also learn how to identify and spot potential scams.
National Activities
In the light of the Cyber Security Month campaign, Spain will organize a set of activities to promote awareness and culture in cybersecurity, creating content through its communication channels (websites, social networks, etc.) and carrying out various actions and campaigns.
There are several Organisms involved: National Institute for Cybersecurity (INCIBE), National Cryptologic Centre (CCN), National Security Department, Joint Cyber Command, National Centre for Critical Infrastructures and Cybersecurity (CNPIC)… Regarding the private sector, there are many events and actions focused on that. All these Organisms and Companies will be spreading information by using their communications channels (webs, social networks, ..).Regarding the private sector, there will be many events and actions focused on this year’s theme, and DELTA90 willparticipate actively through various trainnings, seminars and the development of good practices guides, contributing to achieve this important objective.
If you want to know more this initiative, do not hesitate to follow us on our Twitter / LinkedIn networks, if you do not already do so, so you won’t miss any of our recommendations, or through the ECSM campaign itself on Twitter: @CyberSecMonth #BeSmarterThanAHacker #ECSM2023 #ThinkBeforeUClick #ThinkB4UClick #CyberSecMonth