As Cyber Security Awareness Month draws to a close, it’s a good time to reflect on how far we’ve come, and how much more we can do to keep our digital world secure.
By Harshit Mistry, Head of Information Security, GBST
October might be wrapping up, but our focus on cybersecurity shouldn’t fade with the calendar. At GBST, every month is Cyber Security Awareness Month. Still, these few weeks give us a valuable opportunity to pause, take stock, and remind ourselves that protecting data, and each other, starts with awareness.
This year’s theme, Secure Our World, captures it perfectly. The digital world is our world and safeguarding it is everyone’s responsibility. So, as we’ve been discussing throughout October, here are four topics that matter not just to those of us in Information Security, but to everyone who uses technology every day.
1. Phishing: The bait’s getting better
Remember when phishing emails were riddled with spelling mistakes and dodgy logos? Those days are gone. Today’s phishing attacks are powered by AI, designed to sound like your boss, your bank…or even you.
We’ve seen examples where a voicemail message was cloned using a manager’s real voice. That’s not science fiction. It’s happening right now.
The good news is that the defences are simple, and they start with you:
- Pause before you click.
- Hover over links to check where they lead.
- Look carefully at the sender’s address.
And if something feels off, report it. You’re not being overcautious, you’re helping to protect the entire organisation.
2. AI prompts: Cool tech, big responsibility
AI is helping us write faster, code smarter, and solve complex problems. But it’s not a safe space for confidential information.
Treat AI tools like you would a public forum: if you wouldn’t say it out loud in a crowded café, don’t paste it into an AI prompt. That means no passwords, no client data, no internal plans. Once something is shared with a public AI tool, it’s effectively out of your control.
Follow your organisation’s AI usage policy. Use internal tools where available. And remember: AI is a tool, not a vault. It’s powerful, but it doesn’t have a “forget” button.
3. Digital Hygiene: Keep your tech fresh
Cybersecurity isn’t just about complex systems or firewalls, it’s also about small, everyday actions that keep your digital environment clean and secure. Think of it as digital hygiene:
- Lock your screen when you step away.
- Use strong, unique passwords (and change them periodically).
- Avoid downloading unverified apps or browser extensions.
- Keep your software up to date.
These simple habits are like brushing your teeth. Miss them too often, and things can go wrong quickly. They might not feel exciting, but they’re your first line of defence against cyber threats.
4. Reporting: The Unsung Hero of Cyber Defence
Spotting something suspicious is only half the job. Reporting it is what turns awareness into action.
Whether it’s a strange email, an unfamiliar login prompt, or a pop-up that doesn’t look right, letting your security team know early can prevent a minor incident from becoming a major breach.
Reporting isn’t about getting someone into trouble; it’s about protecting everyone. The quicker the alert, the faster the response, and the stronger the overall defence.
Closing thoughts
In my time working in cybersecurity, I’ve seen the threats evolve from floppy-disk viruses to AI-driven scams. But one thing hasn’t changed: people remain both the strongest and the weakest link in any security chain.
Technology can only do so much. True resilience comes from awareness, habits, and shared responsibility. When we know better, we do better, and when everyone takes part, cybersecurity becomes part of the culture, not just a policy.
As Cyber Security Awareness Month comes to an end, let’s keep the conversation going. Ask questions. Stay curious. And remember: protecting data means protecting people: our colleagues, our clients, and ourselves.
Harshit Mistry is GBST’s Head of Information Security, leading initiatives to strengthen data protection and cyber resilience across the business
Posted in:
