Celebrating National Cyber Security Awareness Month

    Celebrating National Cyber Security Awareness Month

     

    Every October since 2004, National Cyber Security Awareness Month (NCSAM) is observed in the United States. Started by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance, the NCSAM aims to spread awareness about the importance of cybersecurity. The National Cyber Security Alliance launched NCSAM as a large effort to improve online safety and security. Since 2009, the month has included an overall theme, for 2020 we celebrate “Do Your Part, #BeCyberSmart”. Weekly themes throughout the month were introduced in 2011. This year, our weekly themes will be as follows:

    • Week of October 5 (Week 1): If You Connect It, Protect It
    • Week of October 12 (Week 2): Securing Devices at Home and Work
    • Week of October 19 (Week 3): Securing Internet-Connected Devices in Healthcare
    • Week of October 26 (Week 4): The Future of Connected Devices

    If You Connect IT. Protect IT.

     

    October 1, 2020, marked the 17th annual National Cybersecurity Awareness Month (NCSAM), reminding everyone of the role we all play in online safety and security at home and in the workplace. Brought forth by both the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), NCSAM is a joint effort between government and industry to make sure every American has the resources they need to stay safe and secure online. 

    To kick off National Cyber Security Awareness Month, here are some tips to stay say online:

    Enable multi-factor authentication (MFA). This ensures that the only person who has access to your account is you. Use MFA for email, banking, social media and any other service that requires logging in.

    Use the longest password allowed. Get creative and customize your standard password for different sites, which can prevent cybercriminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and remember different, complex passphrase for each of your accounts.

    Protect what you connect. Whether it’s your computer, smartphone, game device or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser and operating systems. 

    Limit what information you post on social media.  Cyber criminals look for everything, from personal addresses to your pet’s names. What many people don’t realize is that these seemingly random details are all cybercriminals need to know to target you, your loved ones, and your physical belongings. Keep Social Security numbers, account numbers and passphrases private, as well as specific information about yourself, such as your full name, address, birthday and even vacation plans. Disable location services that allow anyone to see where you are.

    Stay protected on public networks. Before you connect to any public Wi-Fi be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. Your personal hotspot is a safer alternative to free Wi-Fi. Also, only use sites that begin with “https://” when shopping or banking online.

    Introducing CISA, the Federal Governments Protection Against Cyber-Attacks

     

    On November 16, 2018, the United States Congress formed the Cybersecurity and Infrastructure Security Agency (CISA) to detect threats, quickly communicate the information and aid in defense of the nation’s critical infrastructure. The new federal agency was created through the Cybersecurity and Infrastructure Security Agency Act of 2018, which was signed into law by President Donald Trump. That legislature made the National Protection and Programs Directorate (NPPD) of the Department of Homeland Security’s (DHS) the new Cybersecurity and Infrastructure Security Agency, reassigning all resources and responsibilities within. Before the bill was passed, the NPPD handled all of DHS’s cybersecurity-related affairs.

     

    Why the CISA was Formed

    In April 2015, IT workers at the United States Office of Personnel Management (OPM), the agency that manages the government’s civilian workforce, discovered that some of its personnel files had been hacked. Sensitive personal data on 22 million current and former federal employees was stolen by suspected Chinese hackers. Among the sensitive data that was stolen, were millions of SF-86 forms, which contain extremely personal information collected in background checks for people requesting government security clearances, along with records of millions of people’s fingerprints. 

    In the wake of the massive data breach, it became even more evident that the Department of Homeland Security was not effectively positioned to respond to the growing threat of cyber-attacks, both foreign and domestic.  As more foreign invasions into U.S. IT infrastructure and other forms of cybersecurity attacks increased, industry experts demanded the creation of a new agency that would be more aligned to handle the issue of cyber security.

    DHS’s cybersecurity strategy, made public in May 2018, offered a strategic framework to carry out the government’s cybersecurity responsibilities during the following five years. The strategy highlighted a unified approach to managing risk and lending greater authority to the creation of a separate cybersecurity agency. Besides the need for a new approach to the nation’s cybersecurity threats, CISA was created to solve what security professionals and government officials frequently referred to as a “branding” problem DHS faced with NPPD. CISA would be a clear and focused federal agency.

    Learn more about the 2015 OPM Attack

    What Does CISA Do?

     

    In a nutshell, CISA is in charge of protecting the nation’s critical infrastructure from physical and cyber-attacks. The agency’s mission is to build the national capacity to defend against cyber-attacks and to work with the federal government to provide cybersecurity tools, incident response services and assessment capabilities to safeguard the .gov networks that support the essential operations of partner departments and agencies. Below is a list of other responsibilities the CISA has undertaken as a newly formed federal agency:

    • Coordinate security and resilience efforts using trusted partnerships across the private and public sector
    • Deliver technical assistance and assessments to federal stakeholders as well as to infrastructure owners and operators nationwide
    • Enhance public safety interoperable communications at all levels of government 
    • Help partners across the country develop their emergency communications capabilities
    • Conducts extensive, nationwide outreach to support and promote the ability of emergency response providers and relevant government officials to continue to communicate in the event of a natural disaster, act of terrorism, or other man-made disaster

    Visit the CISA official government page

    Who Leads the CISA?

     

    The CISA is made up of two core operations that are vital to the agency’s success. First, is the National Cybersecurity and Communications Integration Center (NCCIC), which delivers 24×7 cyber-situational awareness, analysis, incident response and cyber-defense capabilities to the federal government. The NCCIC operates on state, local, tribal, and territorial government levels; within the private sector; and with international partners. The second is the National Risk Management Center (NRMC), which is a planning, analysis and collaboration center working to identify and address the most significant risks to the nation’s critical infrastructure.

    The CISA is led by a team of eight highly respected and experienced team of individuals.

    • Director, Cybersecurity, and Infrastructure Security Agency (CISA), Christopher C. Krebs 
    • Deputy Director, Matthew Travis 
    • Assistant Director for Cybersecurity, Bryan Ware 
    • Assistant Director (Acting) for Infrastructure Security, Steve Harris
    • Assistant Director, National Risk Management Center, Bob Kolasky 
    • Assistant Director (Acting) for Emergency Communications, Vincent DeLaurentis 
    • Assistant Director for Integrated Operations, John Felker
    • Assistant Director (Acting) for Stakeholder Engagement, Bradford Willke

    You can learn more about the CISA leadership team and their structure here.

    Scroll to top