Cyber Security Awareness Month: 5 Things We’re Doing Right

It’s officially National Cyber Security Awareness Month (NCSAM), the US government’s annual effort to get people thinking more about online and computer security issues.

NCSAM should never be taken as an invitation to focus on security in October while ignoring it for the rest of the year, but it’s good to bring attention to this issue whenever and however we can.

This year’s NCSAM theme is “Our Shared Responsibility,” a worthy idea – after all, if our friends, family and co-workers are sloppy about their security, it puts the rest of us at risk too.

One problem with multi-year awareness campaigns of this sort, however, is that they can end up sounding like a lost cause – a sense that, even after years of trying, we're no better off than we were at the beginning.

So instead of always beating up on people for getting security wrong, why not talk about some of the things we’re doing right – or at least getting a lot better at?

Here are five examples of ways our collective cybersecurity is looking up.

1. Fans of Mac and Linux are learning they aren’t "immune" to security problems.

A few years ago, you’d hear a lot about how OS X and Linux were "secure by design" or "couldn't get malware."

Make no mistake, poor security on many Linux systems is still a huge problem, with cybercriminals using vulnerable Linux servers as vehicles to spread malware to Windows users.

And even if Mac malware isn’t as common, cybercriminals have plenty of vulnerabilities to exploit if Mac users aren’t careful about updating.

So it’s good that we're not hearing as much denial about these facts any more, meaning that the security message is getting through and we have a more unified front these days.

2. Two-factor authentication (2FA) is gaining acceptance.

Some years ago, there wasn't much acceptance of 2FA, because few organizations were offering it, and many users just weren't interested because it sounded like a real hassle.

That's changing, with more and more services offering some kind of one-time login codes, and more and more customers demanding the feature.

3. Social networks have an increasingly visible concern for privacy.

Yes, Facebook is still the service that people love to hate. But you have to take your hat off to Zuck and everyone at Facebook, because they really have changed their attitude.

There's the Privacy Dinosaur, there's the Security Checkup tool, and there's the Privacy Policy in plain English.

Facebook, among many other big tech companies, is even getting a bit of rep for standing up to The Man and fighting for strong encryption.

OK, Facebook isn’t perfect – it’s taken a privacy battering in the EU lately, and its new data-sharing features are still generally opt-out rather than opt-in.

But things have come a long way since 2010 when that “The Social Network” movie came out.

4. Encryption is becoming more widespread.

It's not many years since SSL/TLS, the padlock in your browser's address bar, was considered hard to do, so it was reserved for web traffic where it really couldn't be avoided.

The theory was that encrypted connections over TLS were too slow, and expensive, and troublesome, to be expected everywhere.

That has changed: today you can access lots of websites and services like Gmail, Outlook.com, Yahoo!, Twitter and Naked Security over an HTTPS connection.

5. We're doing a much better job with our passwords.

Actually, if we're honest, we still have a fair way to go before everyone is on board, but it’s good to praise those of us who have left their bad password habits behind.

For everyone else, why not kick off NCSAM by watching Sophos's video on “How to Pick a Proper Password”?

As always, make sure to keep up to date on all the best security news and advice on Naked Security, where we’ll be publishing a bunch of security tips and tricks throughout NCSAM (and all year round).

---------------------------------

Naked Security is Sophos's award-winning threat news room, giving you news, opinion, advice and research on computer security issues and the latest internet threats. https://nakedsecurity.sophos.com/2015/10/01/5-good-news-stories-to-kick-off-cyber-security-awareness-month/.