Connect with your clients to prepare for Cybersecurity Awareness Month
Every October, Cybersecurity Awareness Month serves as a global reminder that digital safety is everyone’s responsibility. Launched in 2004 by the U.S. Department of Homeland Security and the National Cybersecurity Alliance (NCA), this initiative has grown into a collaborative movement involving governments, businesses, educational institutions and individuals around the world. Its goal is to promote simple, effective steps for safer online behavior.
Cybersecurity Awareness Month’s 2025 theme, “Stay Safe Online,” highlights the easy, everyday actions people can take to protect themselves, their families and their businesses from online threats. For independent insurance agents and brokers, the month presents a dual opportunity: 1) strengthen your agency’s own cyber posture and 2) connect with clients around a topic that’s increasingly important to both households and businesses.
Cybersecurity tips for insurance agents and brokers
Cyber threats don’t just target large corporations. Agencies of all sizes are vulnerable, and the consequences of an attack can be costly. Take time this October to review and reinforce your agency’s own cybersecurity protocols. Start with these four essential practices:
1. Prioritize strong, unique passwords
This foundational tip is still one of the most effective defenses. Require all employees to use strong, unique passwords and change them regularly. Consider using a password manager to generate and store complex passwords securely. Avoid reusing passwords across platforms, especially for accounts tied to client or financial data.
2. Enable multi-factor authentication (MFA)
MFA adds another layer of protection by requiring an additional step to verify a user’s identity. This could be a one-time code sent to your phone, a fingerprint scan or an authentication app. Research by Microsoft shows that MFA can block more than 99.2% of account compromise attacks.1 Wherever possible, enable MFA—especially for systems that handle sensitive data.
3. Stay current with software updates
Cybercriminals often exploit known vulnerabilities in outdated software. Ensure all agency devices, apps and operating systems are regularly updated. Enable automatic updates when available and coordinate with IT or software vendors to maintain security patches for agency management systems or client-facing portals.
4. Regularly back up your data
Cyberattacks like ransomware can lock you out of your own data. A secure, regularly tested backup system can mean the difference between a minor disruption and a full-blown crisis. Store backups separately from your main network and test them periodically to ensure data integrity.
Talking about Cybersecurity Awareness Month with clients
You don’t have to be a cybersecurity expert to guide your clients toward safer practices. Cybersecurity Awareness Month offers a natural opening to start the conversation. Here are some ways you can engage:
- Host a community presentation: Offer to speak at a local library, school, senior center or small-business group. Keep the message friendly and focused on empowerment, not fear. Tailor your talk to the audience’s comfort level with technology and share a one-page handout with practical tips and helpful resources.
- Create downloadable client guides: Prepare a tip sheet your clients can use at home or work. Include topics like recognizing phishing emails, using secure Wi-Fi and the importance of software updates. Link to trustworthy sources such as the Cybersecurity and Infrastructure Security Agency and the NCA.
Resources from Nationwide’s Cyber Resource Center
- Empower clients with actionable advice: When you speak with business clients, encourage them to review their own cyber readiness, especially if they handle customer data, process payments online or rely heavily on digital systems. Offer to connect them with risk control experts or review their cyber insurance coverage options.
- Encourage a culture of openness: Emphasize that clients should feel safe admitting if they clicked on a suspicious link or downloaded the wrong file. Mistakes happen, and early detection is key.
Cybersecurity Awareness Month ideas for your agency
If you’re looking to go beyond tips and training, here are simple ways to promote Cybersecurity Awareness Month within your agency and across your client base:
- Build a campaign. Create a campaign outlining your agency’s involvement in Cybersecurity Awareness Month. Share the four key actions promoted by the CISA and the NCA:
-
- Use strong passwords and a password manager
- Turn on multi-factor authentication
- Recognize and report phishing
- Update software regularly
Consider adding these themes to your agency’s client newsletter or email campaigns throughout October.
- Share on social media: Join the national conversation by posting cybersecurity tips on LinkedIn, Facebook or Instagram. Use the hashtag #CybersecurityAwarenessMonth. You can customize the CISA’s ready-to-use graphics with your agency’s logo and voice.
- Host a contest or event: Organize a quiz, phishing simulation or poster contest for employees or clients. Offer small prizes to winners. These interactive efforts increase awareness and engagement, making the message stick.
- Share on your website: Share details on how your business is taking action for Cybersecurity Awareness Month. You could include a quote from your leadership about the importance of cyber hygiene. Reiterate your commitment to educating clients and helping them manage digital risks.
A final word on cybersecurity readiness
Cybersecurity Awareness Month reminds us that small, intentional steps can go a long way in protecting what matters. From strengthening your agency’s defenses to educating your clients and community, this is your chance to be a trusted voice in digital safety. Cyber risks are growing, but so are the resources and tools available to help protect against them.
Start the conversation today and let October be your springboard for year-round cybersecurity engagement.