October: European Cybersecurity Month

Author: Vasilis Pergioudakis, OSI

It was back in October 2012 when the first European Cybersecurity Month (ECSM)[1] was celebrated. It was initiated by the European Union Agency for Cybersecurity (ENISA)[2] to raise awareness about cybersecurity threats and promote best practices across Europe. ECSM has grew to be an annual event, engaging the public and organizations through workshops, webinars, and campaigns aimed at improving online safety and cybersecurity practices.

Since the very first event, the ECSM has been reaching its key priorities by bringing together parties from across Europe under the slogan ‘Cybersecurity is a Shared Responsibility’ to unite against cyber threats. Each year, the campaign not only promotes the safer use of the Internet for EU citizens, but the organisers provide the knowledge and tools to do so.

#ThinkB4UClick

The events are held each year throughout the month of October and focus on different cybersecurity themes to address evolving threats and challenges. Especially in 2024, with ENISA celebrating its 20 years of operation and excellence while being supported by the European Commission and the EU Member States, it includes promotional events across Europe that all follow a particular theme:  #ThinkB4UClick.

The focus is on protecting against social engineering, a growing trend where scammers use impersonationphishing emails or fake offers to trick people into performing certain online actions or giving away sensitive or personal information. The campaign aims to promote cybersecurity among citizens and organisations and provides information about online security through awareness-raising activities and sharing of good practices. 

Social Engineering, as a threat category, brings together a wide range of activities that attackers launch when attempting to gain access to either information or services through exploiting human error or behaviour. Prime trait of this method is the use of manipulation techniques to trick their victims into sharing, by mistake, sensitive or private information. What users more frequently do is they might open documents, files or e-mails, to visit websites or to grant access to systems or services.  Social engineering can take place through various ways, including phishing[3], smishing[4], vishing[5], baiting[6] and pretexting[7].

The 2024 ENISA Threat Landscape report[8] revealed that phishing, along with pretexting via email, remains one of the most important initiation vectors, meaning that they continue to be a primary cause of extended cybersecurity incidents. Findings indicate that, especially during the end of 2023 there was still a notable increase in social engineering incidents.

But ECSM is also about rewarding organisations that thrived in the past year in producing material and / or services promoting the essence of ‘Cybersecurity is a shared responsibility’.

Award categories are the following: best video, best infographic, & best educational material. The ECSM awards concept is running for the third year. Participation is open to individuals, groups, academia and businesses and it shows a steady incrise.

This year’s awards were:

Best video: Belgium – Safeonweb’s fairy tales : Tech Scam (episode 2) (youtube.com)

Best Infographic: Spain – Principales configuraciones del router | Ciudadanía | INCIBE

Best Teaching material: Greece – Τεχνητή Νοημοσύνη: Συμβουλές για γονείς – ΑΙ: Tips for parents | SaferInternet4kids

In the course of October, the winning materials will be promoted through the ECSM social media channels, alongside the ECSM campaign.

The EU works on various fronts to promote cyber resilience. The EU Cybersecurity Strategy[9] aims to build resilience to cyber threats and ensure citizens and businesses benefit from trustworthy digital technologies, while the EU Cyber Solidarity Act[10] brings forward concrete measures that will allow the EU to respond to threats and attacks. Campaign material can be found in the relevant web pages of involved organisations and they are always updated with the latest content.

  1. [1] https://cybersecuritymonth.eu/
  2. [2] https://www.enisa.europa.eu/
  3. [3] https://csrc.nist.gov/glossary/term/phishing
  4. [4] https://www.ibm.com/topics/smishing
  5. [5] https://www.cisco.com/site/us/en/learn/topics/security/what-is-vishing.html
  6. [6] https://thecyberwire.com/glossary/baiting
  7. [7] https://www.sciencedirect.com/topics/computer-science/pretexting
  8. [8] https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024
  9. [9] https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-strategy
  10. [10] https://digital-strategy.ec.europa.eu/en/policies/cyber-solidarity
Scroll to Top