Smart house

We know and understand that as a security awareness professional you most likely do not have the time nor resources to prepare for October’s National Cyber Security Awareness Month (NCSAM), or CyberSecMonth as it’s known in Europe. That’s why for the fifth year in a row we have done all the hard work for you with the NCSAM Planning Kit.  The kit defines activities and provides resources for every day of the month, ensuring your program is a success and you are a hero.

WEEK 04: The theme for the fourth and final week of October is Safeguarding the Nation’s Critical Infrastructure.   The goal of this week is to bring a focus on how the Internet is no longer just about data, but our physical world.  Water treatment plants, power generation, transportation, agriculture and just about every other part of our lives are interconnected now.  This means cybersecurity is no longer just about protecting data but about protecting the physical world we live in.  To help people better understand the concepts of “Industrial Control Systems”, “Critical Infrastructure” or “Internet of Things (IoT)” we recommend you focus on Smart Home Devices.  This way you are covering the same concepts but at a personal level since just about everyone has some type of device at home interconnected (thermostats, home speakers, gaming consoles, baby monitors, indoor lighting, door locks, etc).

If you have not done so yet, review the NCSAM Planning Matrix (included in the kit) and identify the activities and resources you want to leverage for this week.  For Monday, start by using the communications template to let people know what to expect this week and WHY they should care.  Once again, for engagement we recommend focusing on the personal hook, the devices in their homes.  For Tuesday distribute the OUCH newsletter on Smart Home Devices.  For Wed, have a guest speaker come in and provide a perspective on the latest cyber threats.  Don’t have time or could not find a guest speaker?  Check out all the alternative options we provide in the NCSAM Planning Kit.  On Thursday cover one of the key steps to securing smart devices, changing default passwords and replacing them with strong, unique passphrases.  Finally, on Friday introduce people to the SANS Tip of the Day program so they can stay current and update with the latest tips long after October is done.

As always, if you want to mix things up be sure to check out the Optional Activities reference in the Planning Kit for additional / different ideas you can use also.  If you have any questions about leveraging the NCSAM Planning Kit, just reach out to me at

SANS Security Awareness NCSAM 2018 blog CTA