Cybersecurity Awareness Month 2025

Cyber Shield participants compete in the annual “NetWars” games during the Cyber Shield training event held at the Virginia National Guard State Military Reservation in Virginia Beach on June 7, 2024. (North Carolina National Guard photo by Staff Sgt. Hannah Tarkelly)

This year’s Cybersecurity Awareness Month comes as evolving attacks have targeted critical infrastructure and agency cuts have raised concerns about security collaboration and integrated defense. Traditionally, this month emphasizes that cybersecurity starts at the ground level with every user, every home and every organization. Join Threat Beat as we bring you news, analysis and discussion on security trends, cyber hygiene, resilience and more throughout October.

Hurricane Helene brought down power lines and telephone poles in Chimney Rock, N.C., as seen Oct. 10, 2024. (Photo by Michel Sauret/U.S. Army Corps of Engineers Pittsburgh District)

Critical infrastructure sectors on the most concerning threats – and needed solutions

SYMPOSIUM: With critical infrastructure constantly under myriad threats, sector-focused information sharing and analysis centers and organizations collect, analyze and disseminate actionable cyber and physical threat information to stakeholders and provide them with tools to mitigate risks and enhance resiliency. To mark Cybersecurity Awareness Month, Threat Beat asked:

1) What is the most pressing short-term security concern in your sector?

2) What is one thing the public and/or industry/government can do now to address this?

Safeguarding states: Governors mark Cybersecurity Awareness Month

To help mark the annual observance, many Governors have issued Cybersecurity Awareness Month proclamations – including Illinois Governor JB Pritzker and Vermont Governor Phil Scott – to help increase public awareness about the role individual Americans can play to bolster cybersecurity within their own homes and communities. The proclamations also augment many of the actions Governors take on an ongoing basis to implement policies that seek to protect their constituents as well as state government and critical infrastructure. Recent examples from Arkansas, New Mexico, New York and Ohio help illustrate examples of cybersecurity policies Governors have been advancing in recent months.

How scammers exploit trust and FOMO: Kicking off Cybersecurity Awareness Month with Lisa Plaggemier

Lisa Plaggemier, executive director of the National Cybersecurity Alliance, joins host Frank Cilluffo on Cyber Focus to discuss how public education can combat online scams, fraud and cyber threats. With billions of campaign impressions and only a nine-person team, the Alliance focuses on motivating behavior change through creative, jargon-free outreach. Plaggemier explains how scams like pig butchering are orchestrated by organized crime and even nation-state actors — and why the U.S. needs a coordinated national response. The episode highlights the growing need for cross-sector data sharing, targeted messaging for seniors, and a “scam czar” to unite fragmented efforts. As Cybersecurity Awareness Month kicks off, the conversation underscores how individual actions and shared responsibility can help close critical gaps in digital safety.

DHS and CISA announce Cybersecurity Awareness Month 2025

This campaign engages with all levels of government and businesses big and small. It calls on everyone – state, local, tribal and territorial (SLTT) governments, small and medium businesses, and entities involved in our supply chains – to take cybersecurity into their own hands to secure the Homeland in a world of constantly-evolving threats.

National Cybersecurity Alliance kicks off Cybersecurity Awareness Month

Cybersecurity Awareness Month is a global initiative that raises awareness about online safety and empowers individuals and businesses to protect themselves from cybercrime. For more than two decades, Cybersecurity Awareness Month has been dedicated to teaching everyone how to stay safe and secure online. This initiative would not be possible without the collaboration and partnerships between the public and private sectors that built this campaign.

CISA’s playbook for defending critical systems with Chris Butera and Bob Costello

Recorded right after their joint appearance on stage at Black Hat 2025, CISA Associate Director Chris Butera and CISA Chief Information Officer Bob Costello joined host Frank Cilluffo on an August episode of Cyber Focus to unpack the agency’s current playbook for defending critical systems. They discuss urgent updates to the Known Exploited Vulnerabilities (KEV) catalog, efforts to remove internet-exposed OT systems and the recent funding crisis for the CVE program. The conversation also explores workforce development inside CISA, the importance of reauthorizing CISA’s 2015 authorities and emerging risks across global supply chains.

Cybersecurity Awareness Month: 10 things to know in 2025

Cyberattacks are on a steep rise. Over the past four years, their average weekly number has more than doubled: from 818 per organization in the second quarter of 2021 to 1,984 in the same period this year. In the last two years alone, the global average number of weekly attacks encountered by organizations grew by 58%. At the same time, the World Economic Forum’s Global Cybersecurity Outlook 2025 points to an increasingly complex threat landscape. From geopolitical tensions to the impact of cybersecurity and AI, businesses’ vulnerabilities are growing rapidly. Adding to this is a widening skills gap impeding their efforts to step up defences. Small businesses are particularly exposed, with seven times more organizations reporting insufficient cyber resilience than in 2022.

Inside the UK’s cyber strategy: Richard Horne on resilience, risk and AI

How is the UK tackling rising cyber threats, ransomware and the risks of AI? In this episode of Cyber Focus, Richard Horne — CEO of the UK’s National Cyber Security Centre (NCSC) — joins host Frank Cilluffo to explore how nations and organizations can build resilience in the face of rapidly evolving digital threats. Drawing on his leadership across government and the private sector, Horne breaks down the UK’s national cybersecurity strategy, the growing gap between threat actors and defenses and the global importance of partnerships such as Five Eyes. He also shares sharp insights on the role of AI, software vulnerabilities and the need for shared responsibility in cybersecurity.

USPS Cybersecurity Awareness Month campaign connects staying informed with staying safe

The Postal Service is marking its 10th year of observing Cybersecurity Awareness Month. This annual observation, occurring each October, is sponsored by the Cybersecurity and Infrastructure Security Agency and the National Cybersecurity Alliance. The Postal Service’s cybersecurity efforts are led by the USPS Corporate Information Security Office, or CISO. This year’s theme — “Stay Informed. Stay Secure. Stay CyberSafe.” — emphasizes the vital role cybersecurity plays in advancing the organization’s mission, and it stresses how each individual’s awareness strengthens the organization’s overall security.

NSA vs. zero-days: Kristina Walter on speed, scale and stopping cyber threats

Kristina Walter, chief of the NSA’s Cybersecurity Collaboration Center, joins Cyber Focus to explain how the agency partners with private industry to block threats, identify zero-days and defend U.S. critical infrastructure. Walter highlights how collaboration with industry has uncovered Chinese cyber campaigns like Volt Typhoon, the importance of trust and actionable intel, and why resilience — not perfection — is the new security standard. She also breaks down NSA’s efforts on AI security, post-quantum cryptography and workforce agility.