Skip to main content
Microsoft Security
Cybersecurity Awareness Month

#BeCyberSmart

When we learn together, we’re more secure together

The state of
cybercrime
The hybrid reality of 2020-2021 brought the issue of cybercrime to the fore. Now more than ever, governments and corporations are working together to pass laws and allocate resources to combat it.
>24 trillion signals processed daily by Microsoft
$1 compromised credentials typically sell for $1 to $50 USD
>300 million devices (globally) impacted by ransomware last year
Nation-state
threats
These threats are defined as cyber threat activity that originates in a particular country with the apparent intent of furthering national interests. Nation-state attacks represent some of the most advanced and persistent activity Microsoft tracks.
46% of nation-state threats observed by Microsoft were directed at organizations in the United States
79% of attacks targeted governments, NGOs, and think tanks
140 nation-state actors actively tracked
Supply chain and
IoT/OT security
Some of the most fertile areas for attack included supply chains and OT systems that support business and public infrastructure. Weak passwords ranked among most exploited security vulnerability for IoT devices. We analysed over 280,000 attacks on IoT/OT devices over 45 days, and learned:
96% of attacks used a password under 10 characters
72% required only trying a password of 6 characters or less
>20 million times the password “admin” was used in IoT devices
Security and the
hybrid workforce
The shift to remote work created new attack surfaces, such as home devices being used for business purposes. Simple security hygiene such as using multifactor authentication (MFA) and applying software updates could have reduced the impact of cybercrime on compromised organizations.
81% of enterprise workplaces moved to hybrid
50 million password attacks occur daily
20% of users employed strong authentication such as MFA
A man is climbing up a wind turbine.

Get briefed on Cybersecurity Awareness Month

Stay sharp

Cybersecurity 101 training

Learn more
Feature article

Why is Cybersecurity Awareness Month important?

October is Cybersecurity Awareness Month, and this year it highlights the importance of cybersecurity education for all around the theme: Do your part. #BeCyberSmart. With more workers using personal and corporate devices interchangeably, it's even more important to be cyberaware. As new vulnerabilities arise, “security for all” becomes even more integral to organizational success.

Read the article See all
Feature article

Strengthening supply chain and IoT/OT security

Get insights on securing your supply chain and IoT/OT devices against sophisticated new cyber threats. Learn about the latest threats from the Microsoft Digital Defense report and how a Zero Trust strategy can help you strengthen your environment.

Read the article See all

Educate your organization

Cybersecurity 101
Slide %{start} of %{total}. %{slideTitle}

Insights for security professionals

Podcast

Top CISOs talk technology and security

Tune in to Security Unlocked, where experts explore the technology and people powering Microsoft's Security solutions. Hear what Microsoft CISO Bret Arsenault and security experts from Lululemon, TikTok and Vodafone have to say about the latest trends in security.

Listen now
Cico Series Logo
Learn and explore

The security training and certifications you need, all in one place

Microsoft is committed to helping you build a safer world for all. Explore the Microsoft Security Technical Content library to find learning content relevant to your needs.

Learn more
Video

Getting to the bottom of the NOBELIUM attack

Have you ever wanted to get inside the minds of threat actors? Check out this fascinating and historical look into the largest nation-state attack of all time.

Watch now
Decoding Nobelium Logo

Microsoft education events

Career opportunities

Cybersecurity depends on diversity. It depends on you.

Join Microsoft Security and Girl Security as we dispel important myths about cybersecurity careers, engage in dynamic skill-building, and hear first-hand from women leaders in cybersecurity.

Learn more
Career opportunities

Students: You’re invited to learn, explore and accelerate

Learn from Microsoft Executives, explore the latest technologies and accelerate your career path in cybersecurity. Sign up for cybersecurity certifications training at the Microsoft Student Summit, October 18-20, 2021.

Learn more
Continued learning

Business security training to #BeCyberSmart

Microsoft Store invites you to #BeCyberSmart as you strengthen your security, prevent phishing attacks, safeguard remote devices, and protect against identity theft in an hour long training session.

Register now