The 19th annual awareness campaign by the US Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cybersecurity Agency (NCA), is focusing on the actions that average people can take to fight attacks by bad actors online.
This year’s campaign theme — “See Yourself in Cyber” — demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people. With a focus on the “people” part of cybersecurity, the campaign provides information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future. The agencies encourage IT and cybersecurity stake-holders to craft their own cyber awareness campaigns and share CISA/NCA’s messaging with peers.
What can you do?
CISA and NCA highlights key actions that everyone should take:
- Think Before You Click: Recognize and Report Phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
- Update Your Software: Don’t delay — If you see a software update notification, act promptly. Better yet, turn on automatic updates.
- Use Strong Passwords: Use passwords that are long, unique, and randomly generated. Use password managers to generate and remember different, complex passwords for each of your accounts. A passwords manager will encrypt passwords securing them for you!
- Enable Multi-Factor Authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.
Several (very useful) reference documents are available
- See Yourself In Cyber: Public Toolkit (pdf), CISA, which identifies threats and actions that people can take to protect themselves
- See Yourself In Cyber: Ways to Create a Campaign (pdf), CISA, a guide for marketers, with key messaging, articles, social media, and more to promote Cybersecurity Awareness Month 2022
- Oh Behave! – The Annual Cybersecurity Attitudes and Behaviors Report 2022 (Landing page with online order form, free), NCA, a research study.
- Cybersecurity Awareness Month (backgrounder online), CISA, press release
- Cybersecurity Awareness Month (backgrounder online), NCA, which describes the program and its themes
The NCA/CISA themes are:
- See Yourself taking action to stay safe online. Individuals and families should implement some basic cyber hygiene practices: update your software, think before you click, have good strong passwords or a password keeper, and enable multi-factor authentication (meaning you need “More Than A Password!”) on all your sensitive accounts.
- See Yourself joining the cyber workforce. How we can build a cybersecurity workforce that is bigger, more diverse and dedicated to solving the problems that will help keep the American people safe. For those considering joining the cyber community
- See Yourself as part of the solution. How industry can put operational collaboration into practice, working with partners to share information in real-time, reducing risk and building resilience.
Why it matters
Initiatives like this always seem to prompt eye-rolling from cynics that question the content or motives of government programs. The Washington Post added the admission that journalists, especially, are weary of “endless emails” every year; some beginning as early as August. Also, an admonishment against using the acronym for Cyber Security Awareness Month, which could also apply to Chi|d Səx Abμse Materials.
But with the rise of cyberattacks that harm public utilities, journalistic outlets and result in the harmful release of confidential personal information, we should move beyond taking notice, and take personal action.
National Cybersecurity Awareness Month is an ernest initiative with good information. The agencies’ materials are well worth reading even if we’ve heard it all before.