The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cyber Security Alliance, kicked off the 16th annual National Cybersecurity Awareness Month (NCSAM) today. This year’s theme Own IT. Secure IT. Protect IT. focuses on the important role every American plays in cybersecurity. Held annually in October, NCSAM is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure every American has the resources they need to be safer and more secure online.
“Every one of us has a seemingly ever expanding digital footprint – across a range of devices and accounts, at home, at work, or at school, and locking down that footprint is a never-ending job,” said CISA Director Christopher Krebs. “The consequences of not getting security right go well beyond just having to get a replacement credit card. The decisions we make online can have local, regional, and even global implications. It shouldn’t be this hard, but it’s also not hopeless – with this National Cybersecurity Awareness Month, we’re aiming to focus on a handful of simple steps we can all take to raise our collective security to the next level and make the bad guys’ jobs that much harder.”
NCSAM 2019 highlights simple and proactive steps everyone can take to enhance their cybersecurity awareness, whether at home, in the workplace or on the go. More than 1,100 organizations and 600 individuals have already pledged their support for NCSAM. We encourage everyone to do their part and take these steps to become cyber secure:
- Double your login protection. Enable multi-factor authentication (MFA) to ensure you are the only person who has access to your account. Use it for email, banking, social media and any other service that requires logging in.
- Shake up your passphrase protocol. Consider using the longest password or passphrase permissible. Get creative and customize your standard passphrase for different sites, which can prevent cybercriminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and keep track of different, complex passphrase for each of your accounts.
- If you connect, you must protect. Whether it’s your computer, smartphone, gaming or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser and operating systems. Sign up for automatic updates, if you can, and protect your devices with antivirus software.
- Play hard to get with strangers. Cybercriminals use phishing tactics, hoping to fool their victims. If you’re unsure who an email or message is from ̶ even if the details appear accurate ̶ or if the email looks “phishy,” do not respond and do not click on any links or attachments found in that email. When available use the “junk” or “block” option to no longer receive messages from a particular sender.
- Never click and tell. Limit what information you post on social media. What many people don’t realize is that these seemingly random details are all cybercriminals need to know to target you, your loved ones and your physical belongings ̶ online and in the physical world. Disable location services that allow anyone to see where you are – and where you aren’t – at any given time.
- Keep tabs on your apps. Most connected appliances, toys and devices are supported by a mobile application. Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved —gathering your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use. Learn to say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources.
- Stay protected while connected. Before you connect to any public Wi-Fi, be certain to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. If you do use an unsecured public access point, practice good cyber hygiene by avoiding sensitive activities (e.g., banking) that require passphrases or credit card numbers. Your personal hotspot is a safer alternative to free Wi-Fi. Only use sites that begin with “https://” when shopping or banking online.
Everyone has the responsibility to maintain a level of cybersecurity awareness and we encourage every American to make the choice to be proactive not just during NCSAM, but as a part of your daily routine year-round.
For more information about National Cybersecurity Awareness Month, or to download the toolkit, tip sheets and graphics, visit https://www.cisa.gov/NCSAM.