Held every October, National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online.
NCSAM 2019 aims to help emphasize personal accountability and stress the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. This year’s overarching message – Own IT. Secure IT. Protect IT. – will focus on key areas including citizen privacy, consumer devices, and e-commerce security.
You can download the 2019 NCSAM Toolkit here. It is a comprehensive guide to make it easy for you and any organization, regardless of size or industry, to engage and promote the core theme and critical messages leading up to and throughout the month of October.
Internet-enabled crimes and cyber intrusions are becoming increasingly sophisticated and preventing them requires each and every user of a connected device to be aware and on guard.
“It’s no longer enough to be on the lookout for something in your inbox that appears suspicious,” said FBI Cyber Division Assistant Director Matt Gorham. “As criminals have grown savvier and their efforts more targeted, individuals and organizations need to scrutinize messages and requests that appear legitimate.”
Some of the most common and damaging Internet-enabled crimes begin with an employee clicking a link in an email that appears to be from a colleague, following the instructions in a message that looks like it came from a supervisor, or opening an account link or invoice that seems to be from a trusted vendor.
“These routine actions can be what exposes a computer or an entire network to a ransomware attack, data breach, or another crime,” said Gorham. “As we mark National Cybersecurity Awareness Month, our hope is to focus attention on the efforts required to safeguard individual computers and accounts and secure and protect critical data and infrastructure.”
Now in its 16th year, National Cybersecurity Awareness Month is hosted every October by the Department of Homeland Security and the National Cyber Security Alliance. Multiple agencies and organizations, including the FBI, collaborate to raise awareness about cybersecurity and stress the collective effort needed to stop cyber intrusions and online thefts and scams.
“Today’s cyber threat is bigger than any one government agency—frankly, bigger than government itself,” FBI Director Christopher Wray said at a cybersecurity conference in March. “But I think no agency brings the same combination of scope and scale, experience, tools, and relationships that the FBI has.”
The FBI works in close coordination with the private sector as well as with state, local, and international partners to understand and anticipate cyber threats and pursue cyber criminals.
During National Cybersecurity Awareness Month, the FBI joins in asking every user of a connected device to Own IT. Secure IT. Protect IT.
“We look to the public and to organizations to engage by understanding these threats, taking preventive action, and reporting cyber crimes when they occur,” said Gorham.
Cyber Safety Tips
All computer users should keep systems and software up to date and use a good anti-virus program. These programs are not foolproof, however, and computer users themselves often help cybercriminals get through these safeguards. To avoid inadvertently downloading malicious code that can harm your network or giving a criminal money or valuable information, the FBI and the U.S. Department of Homeland Security recommends these tips:
- Examine the email address and URLs in all correspondence. Scammers often mimic a legitimate site or email address by using a slight variation in spelling.
- If an unsolicited text message or email asks you to update, check, or verify your account information, do not follow the link provided in the message itself or call the phone numbers provided in the message. Go to the company’s website to log into your account or call the phone number listed on the official website to see if something does in fact need your attention.
- Do not open any attachments unless you are expecting the file, document, or invoice and have verified the sender’s email address.
- Having physical access to a device makes it that much easier for an attacker to extract or corrupt information. Do not leave your device unattended in public or easily accessible areas.
- Use strong passwords. Select passwords that will be difficult for thieves to guess, and use different passwords for different programs and devices. Do not choose options that allow your computer to remember your passwords. There are services and apps available that are secure and can generate a safe and secure password for any and all accounts you may have.
- Disable remote connectivity – Some mobile devices are equipped with wireless technologies, such as Bluetooth, that can be used to connect to other devices or computers. You should disable these features when they are not in use.
- If you are storing personal or corporate information, see if your device offers the option to encrypt the files. By encrypting files, you ensure that unauthorized people can’t view data even if they can physically access it.
- Be cautious of public Wi-Fi networks – Be sure you trust where the signal is coming from. Follow these recommendations when connecting to any public wireless hotspot—like on an airplane or in an airport, hotel, train/bus station or café:
- Confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate.
- Do not conduct sensitive activities, such as online shopping, banking, or sensitive work, using a public wireless network.
- Only use sites that begin with “https://” when online shopping or banking. Using your mobile network connection is generally more secure than using a public wireless network.
Sources: FBI.gov, StaySafeOnline.org, U.S Department of Homeland Security
