SEPTEMBER 2012 UPDATE
- ARE YOU CYBER READY? STOP.THINK.CONNECT.™ COMMEMORATES NATIONAL PREPAREDNESS MONTH
- DHS SPOTLIGHT: FEDERAL EMERGENCY MANAGEMENT AGENCY—CYBERSECURITY IN EMERGENCY MANAGEMENT
- STOP.THINK.CONNECT. ENCOURAGES YOU TO ACT FOR NATIONAL CYBER SECURITY AWARENESS MONTH THIS OCTOBER
- STOP.THINK.CONNECT. PARTNERS WITH GIRLS SCOUTS OF THE USA
- STOP.THINK.CONNECT. ATLANTA CYBER TOUR RECAP
- INTEGRATED CYBERSECURITY EDUCATION COMMUNITIES: HELPING TEACHERS INTEGRATE CYBER INTO THEIR CLASSROOMS
Think about this – what would you do if you received a suspicious email from a friend that only included a link? Would you click on it? What would your spouse, children, friends, or colleagues do? Phishing attacks are only one of the many complex cyber threats we face every time we go online regardless of whether we are at home, at work, or on the go. As technology advances, so do the techniques cybercriminals use to gain access to our computer networks.
To commemorate National Preparedness Month, Americans all over the country are preparing for the unexpected fire, hurricane, tornado or man-made disasters. While the devastating effects on individuals, families, and communities caused from a natural or man-made disaster are easy to see, it is much more difficult to understand the impact of a sluggish computer infected with malware or viruses.
Unlike physical threats that prompt immediate action – like stop, drop, and roll in the event of a fire – cyber threats are often difficult to identify and comprehend. However, they can be just as dangerous. Cyber preparedness can be as simple as setting up the proper controls such as the ones listed below to increase your chances of avoiding cyber risks:
- Only connect to the Internet over secure, password- protected networks.
- Do not respond to online requests for personal information; most organizations – banks, universities, companies, etc. – do not ask for your personal information over the Internet.
- Limit who you are sharing information with by reviewing the privacy settings on your social media accounts.
- Trust your gut; if you think an offer is too good to be true, then it probably is.
- Do not use the same password twice; choose a password that means something to you and you only; change your passwords on a regular basis.
Click here for more tips and guidance from Ready.gov on how to prepare in the event of a cyber-attack. If you feel you’ve been a victim of a malware attack, phishing scheme, or another cybercrime, contact your local law enforcement or the Federal Trade Commission at www.ftc.gov/complaint.
DHS SPOTLIGHT: FEDERAL EMERGENCY MANAGEMENT AGENCY – CYBERSECURITY IN EMERGENCY MANAGEMENT
As technology revolutionizes and changes the way we live our lives, the benefits are numerous. However, as with everything else in life, there are pros and cons that we must be prepared for. During National Preparedness Month in September, FEMA encourages all agencies and commercial entities to ensure their cybersecurity program is part of their preparedness efforts.
With the rapid pace of technological improvements the need for a cybersecurity program to counteract against the exponential growth of hackers aimed at negatively impacting the confidentiality, integrity and availability of information systems or applications is critical to mission readiness. Present-day attacks on computer systems do not simply damage an isolated machine or disrupt a single enterprise system. Instead, modern attacks target infrastructure that is integral to the economy, national defense, and daily life. The overall goal to combat these attacks is to be able to clearly identify, mitigate, and reduce risk to a level that is manageable.
Cybersecurity continues to be an increasingly vital topic with regard to emergency management; however, many often overlook such security during a disaster or emergency situation in an effort to quickly meet the needs of our fellow citizens. As a result, critical safeguards for cyber infrastructure resources are often neglected until it is too late. In order to fully mitigate the risk, emergency management cyber situational awareness requires individuals and organizations to understand, and be aware of, how the availability of digital resources impact emergency management tasks both in the near term and future.
FEMA falls directly in the center of emergency activities – both preparedness and response. FEMA.gov provides the general public with access to critical and potentially life-saving information before, during, and after a disaster. At the same time, a high profile website such as FEMA.gov raises the eyebrows of hackers all over the globe – individuals who are set on defeating a system that serves such an immense purpose for the U.S. government.
To help mitigate this risk, FEMA has taken great efforts to address cybersecurity concerns with the newly redesigned FEMA.gov, which was launched in July 2012. FEMA.gov is the first web application to be hosted on a new DHS public “cloud” hosting environment – meaning that FEMA.gov doesn’t live on just one server at a single location, but is spread across a vast network of computers. As a result, there is no single point of failure (or attack) for the website.
The responsibility of ensuring this public-facing web application meets government and federal regulations is enormous, and even more so with the inception of cloud technology. FEMA has worked closely with DHS on applying both FISMA (the Federal Information Security Management Act of 2002) and FedRAMP (the Federal Risk and Authorization Management Program) cybersecurity. In times of disaster, this level of preparation allows FEMA to focus on its core mission rather than being distracted by cyber attacks.
While FEMA has taken great strides in preventing attacks on its cyber infrastructure, it’s also important for individuals and communities to protect their online identities. Cyber preparedness is something we should all practice. You can do this in your home and business by ensuring your network connections are password protected and secure; never provide your personal information (name, address, social security number, account numbers, etc.) to anyone you do not know or trust – and even then, do not provide it over the Internet. Always be sure to keep your anti-virus software updated and contact your IT department if you suspect anything suspicious has occurred in your workplace. Look for more tips on protecting your cyber infrastructure at http://www.ready.gov/cyber-
As members of the whole community, we must fully understand the importance of cybersecurity, situational awareness, training, and preparedness. FEMA coordinates with its stakeholders and partners to effectively execute a well-defined approach to preserving its emergency management information systems, applications, and data. By maintaining vigilance in our cyber security efforts and ensuring that FEMA.gov is available and able to meet the needs of our country, we hope to maintain the highest level of mission readiness.
STOP.THINK.CONNECT. ENCOURAGES YOU TO ACT FOR NATIONAL CYBER SECURITY AWARENESS MONTH THIS OCTOBER
Every day, we are more and more interconnected. We rely on the Internet for all of our day-to-day needs as it allows us to stay connected, informed, and involved. However, this increased connectivity brings increased risk of theft, fraud, and abuse – making cybersecurity one of our country’s most important national security priorities.
In recognition of the importance of cybersecurity awareness, President Obama designated October 2012 as National Cyber Security Awareness Month (NCSAM) as a reminder that being safer and more secure online is a shared responsibility. In other words, we should always ensure that our information and critical infrastructures remain secure and reliable for everyone.
Throughout NCSAM and beyond, you’re invited to join the DHS Stop.Think.Connect. Campaign to take part and ACT – Achieve Cybersecurity Together – to ensure everyone understands their role in safeguarding and securing cyberspace, recognizes how to protect themselves and their online interests, and knows who to contact if compromised online.
Here are a few simple things businesses, schools, and home users can do to practice cybersecurity during National Cyber Security Awareness Month and throughout the year:
- Find or register a local National Cyber Security Awareness Month event.
- Show your organization’s commitment to cybersecurity by signing the online endorsement form and becoming a National Cyber Security Awareness MonthChampion.
- Download tip sheets on how to stay safer in a variety of online settings: on social networking sites, on gaming sites, on your mobile device, and distribute them within your community.
- Participate in the NCSA’s Cyber Security Awareness Volunteer Education (C-SAVE) Program and help educate elementary, middle, and high school students about Internet safety and security.
- Add a signature block to your e-mail: “October is National Cyber Security Awareness Month. Stay Safe Online! Visit www.staysafeonline.org for the latest cybersecurity tips.”
For more information on NCSAM, click here. The Stop.Think.Connect.Campaign will be issuing a special newsletter mid-September with more details on all NCSAM events that will be occurring throughout the month with additional tips of how you can be involved.
STOP.THINK.CONNECT. PARTNERS WITH THE GIRLS SCOUTS OF THE USA
The U.S. Department of Homeland Security announced on August 22, 2012 during the Atlanta Cyber Tour that the Girl Scouts of the USA organization has joined the Stop.Think.Connect. Campaign’s National Network, forming a new partnership which will promote cybersecurity awareness to over 3.2 million youth across the country.
The Campaign will provide the Girl Scouts with tools and resources to help raise awareness among kids, teens, and young adults about emerging online threats and the importance of cybersecurity. This partnership builds on the Campaign’s efforts to highlight curriculum resources available to communities, as well as to promote cyber awareness and educate America’s youth about safer online practices.
“Cyber education is crucial for preparing future generations for the ever-changing cyber world,” said Secretary Napolitano. “With the help of Girl Scouts of the USA, the Campaign has an opportunity to broaden cybersecurity awareness to millions of American youth engaged with the Girl Scouts program.”
“This collaboration between Girl Scouts and The U.S. Department of Homeland Security will empower girls to become leaders and advocates for the safe and responsible use of technology,” explains Anna Maria Chávez, Chief Executive Officer of the Girl Scouts of the USA. “We know that girls are online. As adults, it is our responsibility to create an environment that encourages girls to establish healthy online habits.”
Girl Scouts of the USA was founded in 1912 with the goal of bringing girls out of isolated home environments and into community service. Through enriching experiences, such as field trips, sports skill-building clinics, community service projects, cultural exchanges, and environmental stewardships, Girl Scouts seeks to grow courageous and strong young women.
For additional information on Girl Scouts of the USA please click here.
INTEGRATED CYBERSECURITY EDUCATION COMMUNITIES: HELPING TEACHERS INTEGRATE CYBER INTO THEIR CLASSROOMS
Update your subscriptions, modify your password or e-mail address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your e-mail address to log in. If you have questions or problems with the subscription service, please contact firstname.lastname@example.org.
This service is provided to you at no charge by the U.S. Department of Homeland Security.