As we wrap up Cybersecurity Awareness Month (CSAM) 2022, the final topic we’ll cover is updating software and patching vulnerabilities. According to the 2022 Data Breach Investigations Report (DBIR) from Verizon one of the top paths threat actors use to infiltrate organizations is exploiting vulnerabilities. And there appears to be no end in sight as the number of unique security vulnerabilities rose almost 10% in 2021, up to 20,142 from 18,351 in 2020.

The Anti-Phishing Working Group (APWG) Phishing Activity Trends Report reveals that in Q2 of 2022 there were 1,097,811 total phishing attacks. This marks the worst quarter for phishing observed to date, exceeding Q1 of 2022 which was the first time the three-month total exceeded one million.

In our previous Cyber Security Awareness Month (CSAM) blog we talked about the added value we as cybersecurity practitioners can bring to the table by sharing knowledge we take for granted with individuals across the organization that will ultimately help strengthen defenses. The first topic we covered was multi-factor authentication (MFA). CSAM’s next topic is using strong passwords. Here are a few tips we have found useful to share with colleagues, as well as family and friends.

Do a quick search for the top cybersecurity breaches thus far in 2022 and you’ll quickly be overwhelmed with reports of cryptocurrency thefts, attacks targeting multinational corporations and critical infrastructure, and nation-state backed attacks spurred by ongoing geopolitical conflict. It’s easy for individuals to let their guard down and think they’re safe because these complex attacks aren’t targeting them specifically.