Cybersecurity Awareness Month is returning for its 18th year this October. With all of the cyber incidents and breaches that have occurred this past year, Cybersecurity Awareness Month takes on even more importance. As the month kicks off, I would encourage all counties to take the following steps.
Top Cyber Resources
The U.S. Department of Homeland Security provides the “Be Cyber Smart” campaign, which provides cybersecurity basics, common scams, and how to report cybersecurity incidents by visiting the campaign online.
The Cyberscurity and Infrastructure Security Agency (CISA) provides a wealth of tools, templates and other cyber resources
The Multi-State Information and Sharing Analysis Center has additional resources that can be used in public awareness campaigns.
- Access the online resources that are available to use in educating individuals and organizations about the importance of cybersecurity, ensuring that all Americans have the resources they need to be safer and more secure online.
- Utilize those resources each week in October to highlight a particular area of cybersecurity. The topics are already set up for you!
- Week 1: Be Cyber Smart
- Week 2: Fight the Phish!
- Week 3: Explore. Experience. Share. – Cybersecurity Career Awareness Week
- Week 4: Cybersecurity First
- Use the tip sheets available here to read up on various cybersecurity topics. Whether in the workplace or at home, these tip sheets have something useful for everyone
- Review the sample proclamation template that is available here and consider a similar proclamation for your county or organization
- Participate in a local or virtual training or exercise to improve cybersecurity and resilience within your organization. Many of you have already accomplished that by participating in the NACo Cyberattack simulation quarterly exercises offered this year. This past week, the third scenario on third-party partners was held where 200 county individuals participated. Sign up for the fourth quarter here. You can also gain access to the recordings from the prior three quarters
- Check in with your IT leadership (CIO, IT Director) to see if they are a member of the NACo Tech Xchange. If not, encourage them to go to County Tech Xchange and complete the form to join the NACo Tech Xchange network of county IT professionals. This membership provides the opportunity to dialogue through email on a daily basis about critical technology issues and opportunities. They will also have the opportunity to access the Tech Xchange Portal, where there are additional resources including job description and policy templates (i.e. acceptable use, security incident, etc.)
Each week, NACo will publish additional insights about that week’s theme. If you have questions or need additional information on available resources, feel free to reach out to Rita Reynolds, NACo’s CIO or Brittney Gilardian, Technology Programs Associate.
Top cyber tips
Double your login protection. Enable multi-factor authentication (MFA) for all accounts and devices to ensure that the only person who has access to your account is you
Shake up your password protocol. Consider using the longest password or passphrase permissible. Get creative and customize your standard password for different sites
If you connect, you must protect. Whether it’s your computer, smartphone, game device, or other devices, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems.
Play hard to get with strangers. Cyber criminals use phishing tactics, hoping to fool their victims. If you’re unsure who an email is from do not respond and do not click on any links or attachments found in that email.
Never click and tell. Limit what information you post on social media—from personal addresses to where you like to grab coffee.
Keep tabs on your apps. Most connected appliances, toys and devices are supported by a mobile application. Your mobile device could be filled with suspicious apps running in the background gathering your personal information. Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use.
Stay protected while connected. Before you connect to any public wireless hotspot – like at an airport, hotel, or café – be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate.