Countdown to CSAM: How to extend the impact of CSAM beyond October

The impact of CSAM shouldn’t end on October 31st. The goal of a successful Cyber Security Awareness Month is to increase engaged learning and a positive security culture for the entire year. But, how do you ensure the impact from CSAM events carries over to the rest of the year?

In the final blog of Countdown to CSAM we share the best strategies for integrating your CSAM findings and improvements into the rest of the year. 

Why the focus on continuous impact?

Cyber threats don’t stop at the end of October, and neither should your cybersecurity efforts. Focusing on continuous impact ensures that the security knowledge employees gain during CSAM doesn’t fade but instead becomes ingrained in their daily activities. 

This continuous knowledge integration ensures all the time and money spent on CSAM is worth it. If the security of an organization comes out of CSAM the same as it was before, the resources have all gone to waste. 

By fostering continuous engagement and learning, you’ll help employees retain the knowledge they acquired all month and carry on the curiosity and passion curated for cybersecurity. 

How to carry on the impact 

Collect feedback during conversations and interviews

During CSAM, there’s a wealth of feedback to collect from employees, whether through coffee chats, interactive panels, or casual conversations. These insights provide valuable information on what resonates with and worries your team — and where improvements can be made in your cybersecurity training. 

What to do: Take note of any comments or suggestions made during October events (Bonus: Have CSAM interviews and coffee chats solely for feedback purposes). Once the month concludes, analyze the feedback and track keywords using an Excel sheet to identify trends. Have a meeting with your security team to review the trends and plan what improvements can be made for the rest of the year. 

Why it matters: Employee feedback can help guide your future cybersecurity initiatives and ensure that they’re relevant and engaging. Using this information to improve next year’s CSAM guarantees a lasting impact from October’s efforts. 

Launch a calendar for the next 12 months

Instead of letting CSAM be a one-time event, use it as a springboard to plan a year-long series of cybersecurity activities. By creating a calendar for the months ahead, you can keep cybersecurity education and awareness alive well beyond October. 

What to do: Create a 12-month calendar with a different cybersecurity theme for every month. Each month includes events, workshops, or training sessions based on the month’s theme. In October, have a “launch party” or an exciting announcement for the next year’s calendar. 

Why it matters: A structured, ongoing plan helps ensure employees stay engaged with cybersecurity throughout the year, rather than viewing it as a once-a-year topic. By hosting a launch party or announcement, you can create buzz and excitement around the upcoming months. 

Recruit Cyber Champions 

During your Cyber Security Awareness Month events, keep an eye out for the team members who seem the most passionate about cybersecurity. Who attends the most events? Who asks the most questions? Performs the best in case cracks? 

These eager employees can become “Cyber Champions”, employees who help spread awareness, encourage best practices, and keep their teams vigilant all year long.

What to do: Keep note of employees who were highly engaged during CSAM events. Near the end of the month, reach out to each person to see if they would be interested in continuing to champion cybersecurity in their departments or teams for the rest of the year. 

Why it matters: By recruiting Cyber Champions, you’ll have a network of individuals who can help keep cybersecurity at the forefront of your organization’s culture.

Grow your communications channels 

Effective communication is key to sustaining cybersecurity awareness. During October, encourage employees to join dedicated communication channels where cybersecurity topics are regularly discussed. 

What to do: At CSAM-themed events, use QR codes or links to promote joining your security communication channels. The links can lead to an optional Slack group or email newsletter focused on cybersecurity. Throughout the rest of the year, use these channels to share interesting news articles, fun podcasts, or secret challenges to keep employees engaged.

Why it matters: Joining these channels allows security teams to communicate regularly with those who have expressed interest in cybersecurity. Making these channels optional, also gives the employees a chance to reflect on why they want to join and what they want to learn about. 

Report your success 

Was your CSAM successful if you didn’t write it down? Showing the impact of your CSAM efforts can not only help the security team feel proud but can also help secure more resources and executive support for future initiatives. 

By creating a report that highlights the success of the awareness campaign, the value of ongoing cybersecurity efforts and events can be shown. 

What to do: Gather data from your CSAM activities—such as participation rates, feedback, and change in performance—and compile it into a report. After October is finished, book a meeting with your executives to review the report and garner additional support for future campaigns.

Why it matters: A strong report can help justify the need for employee time, additional tools, or training opportunities. These resources will determine the level of impact you can have for the rest of the year and next October. 

Remember, CSAM is just the beginning. By focusing on continuous impact, you can ensure that the lessons learned in October stick with your team and that cybersecurity remains a priority long after the month ends. Collecting feedback, planning year-round activities, recruiting Cyber Champions, growing your communication channels, and reporting your success are all vital steps to creating a sustainable cybersecurity culture that lasts the entire year.

Best of luck with this CSAM, everyone!