Now in its 18th year, Cybersecurity Awareness Month—which is observed every October—continues to raise awareness about the importance of cybersecurity across the country, ensuring that we all have the resources they need to be safer and more secure online. Under the overarching theme of "Do Your Part. #BeCyberSmart,” Cybersecurity Awareness Month empowers individuals and organizations to own each of their roles in protecting their part of cyberspace. If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences – our interconnected world will be safer and more resilient for everyone.
What is cybersecurity? There are several definitions, but to be concise, cybersecurity is the measures taken to protect a computer or system (as on the Internet) against unauthorized access or attack.
Each of us has our own role in protecting information and securing systems and devices. There are many steps we can take to enhance our cybersecurity without requiring a significant investment or the help of an information security professional.
To kick off Cybersecurity Awareness Month, let’s start with some cybersecurity basics we can take to enhance our cybersecurity without requiring a significant investment or the help of an information security professional.
Cybersecurity Basics
MAKE A LONG, UNIQUE PASSPHRASE
- Length trumps complexity. A strong passphrase is a sentence that is at least 14 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember.
PASSPHRASES AREN'T ENOUGH
- Use 2-factor authentication or multi-factor authentication (like biometrics, security keys or a unique, one-time code through an app on your mobile device) whenever offered.
WHEN IN DOUBT, THROW IT OUT
- Links in email, tweets, texts, posts, social media messages, and online advertising are the easiest way for cyber criminals to get your sensitive information. Be wary of clicking on links or downloading anything that comes from a stranger or that you were not expecting. Essentially, just don’t trust links.
KEEP A CLEAN MACHINE
- Keep all software on internet connected devices – including personal computers, smartphones, and tablets – current to reduce risk of infection from ransomware and malware. Configure your devices to automatically update or to notify you when an update is available.
BACK IT UP
- Protect your valuable work, music, photos, and other digital information by making an electronic copy and storing it safely. If you have a copy of your data and your device falls victim to ransomware or other cyber threats, you will be able to restore the data from a backup. Use the 3-2-1 rule as a guide to backing up your data. The rule is: keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite.
OWN YOUR ONLINE PRESENCE
- Every time you sign up for a new account, download a new app, or get a new device, immediately configure the privacy and security settings to your comfort level for information sharing. Regularly check these settings (at least once a year) to make sure they are still configured to your comfort.
SHARE WITH CARE
- Think before posting about yourself and others online. Consider what a post reveals, who might see it and how it might affect you or others. Consider creating an alternate persona that you use for online profiles to limit how much of your own personal information you share.
GET SAVVY ABOUT WIFI HOTSPOTS
- Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your laptop or smartphone while you are connected to them. Limit what you do on public Wi-Fi and avoid logging in to key accounts like email and financial services. Consider using a virtual private network (VPN) or a personal/mobile hotspot if you need a more secure connection.
Additional Resources
In addition to the resources being provided throughout the month of October, below are some additional resources you can utilize to help strengthen your awareness of the University’s information security and cybersecurity efforts, as well as where best to direct your questions:
External Resources
- Cybersecurity & Infrastructure Security Agency: Protecting Your Privacy
- Federal Trade Commission: Cybersecurity Basics
- Adobe & NCSA Security Awareness Video: Phishing and Ransomware
Previous Information Security Awareness Pulse Articles
- Securing Your Information – What Can You Do
- New Forms of Information Security Attacks on the Rise
- Information Security To Go! (Tips When Travelling)
- What is Cryptocurrency?
Information Technology University Policies
- Information Security
- Information Security Program
- Classification of University Data and Systems
- Acceptable Use of Computing Resources
- Data Security Incident Response Plan
Questions?
- For questions related to the University’s information security and cybersecurity programs and policies, contact itsecurity@neomed.edu.
Stay tuned for more tips, articles and other resources that will be made available throughout the month of October!
-Submitted by Jonathan Wagner