WASHINGTON, Oct. 22, 2018 /PRNewswire/ -- Critical
infrastructure, which provides essential services and the
foundation of our nation's security, relies heavily on technology
and communications. In Week 4 of NCSAM, which leads into Critical
Infrastructure Security and Resilience (CISR) Month (held annually
in November), the National Cyber Security Alliance (NCSA), the U.S.
Department of Homeland Security (DHS) and partners are raising
awareness about the importance of securing the country's critical
infrastructure. Both individuals and organizations play a key role
in helping to protect these networks and systems from cyber
threats.
"With the 2018 midterm elections quickly approaching,
cybersecurity is top-of-mind for many Americans," said
Russ Schrader, NCSA's executive
director. "NCSA, DHS and thousands of supporters are committed to
reiterating the message that everyone shares a role in protecting
cyberspace. If internet users nationwide do their part to follow
basic cybersecurity practices, citizens and the country at large
will be safer and more secure."
As technology providers continue to advance approaches to
protecting our nation's systems, they are striving to develop
solutions across the entire technology stack. With increased
connectivity across all industries, it is important that government
and industry work together to address needs of our critical
infrastructure – both now and in the future. Technology companies
are regularly partnering with government organizations to provide
security guidance. For example, Intel is among a handful of
companies that collaborated with NIST's National Cybersecurity
Center of Excellence to provide authentication solutions for
government workers who use mobile devices. Along with many peers,
Intel is focused on developing solutions that help mitigate
security concerns for the government.
NCSAM's Week 4 theme showcases the importance of safeguarding
the country's critical infrastructure. With that top of mind, the
high demand for professionals to protect the internet and the
country's infrastructure has yielded an unmatched number of
unfilled cybersecurity jobs. Cultivating the next generation of
cybersecurity professionals – whether it's students, veterans
returning to civilian life or individuals re-entering the workforce
– is essential. There is a tremendous gap in the quantity of
qualified professionals to fill open cybersecurity jobs. Many of
these positions are open in industries that keep water flowing from
our faucets, lights on at our homes, money in the bank and food on
the kitchen table.
Protecting the nation's 16 sectors of our nation's critical
infrastructure is a shared responsibility between government and
industry – both technology providers and critical infrastructure
owners and operators. In addition, there are steps that individuals
can take to protect themselves, their information, the larger
community and our critical infrastructure during October, CISR
Month 2018 and year-round:
- Lock down your login: Fortify your online accounts by
enabling the strongest authentication tools available, such as
biometrics or a unique one-time code through an app on your mobile
device. Your usernames and passwords are not enough to protect key
accounts like email, banking and social media.
- Keep a clean machine: Keep all software on
internet-connected devices – including PCs, smartphones and tablets
– up to date to reduce risk of infection from malware.
- When in doubt, throw it out: Cybercriminals often use
links in email, social posts and texts to try to steal your
personal information. Even if you know the source, if something
looks suspicious, delete it.
- Safer for me, more secure for all: What you do online
has the potential to affect everyone – at home, at work and around
the world. Practicing good online habits benefits the global
digital community.
- View, download and share the Week 4 infographic to learn
more about the role critical infrastructure plays and how you can
help keep its systems and networks more secure.
To learn more about CISR Month and how you can get involved,
visit the DHS website.
On Nov. 1 in Anchorage, AL, NCSA
will host a CyberSecure My Business™ workshop in partnership with
the National Rural Electric Cooperative Association
(NRECA). NRECA is the national service organization dedicated
to representing the national interests of the 895 cooperative
electric utilities they serve that provide power to 42 million
people in 47 states. NRECA's Rural Cooperative Cybersecurity
Capabilities (RC3) Program is sponsoring a Cybersecurity Summit in
Anchorage in collaboration with the Alaska Power Association. The
full-day RC3 Cybersecurity Summit – which includes the NCSA
workshop ‒ will focus on the cybersecurity challenges facing small-
and medium-sized electric utility companies and is a free event
open to all electric utilities in Alaska. More than 90 percent of Alaskans
receive electricity from either a cooperative or a municipal
(publicly-owned) utility, and these utilities supply power to more
than a half-million Alaskans from Barrow to Unalaska, through the Interior and
Southcentral and down the Inside Passage. The RC3 Summit will
provide a unique opportunity for all of Alaska's electric utilities to come together
and discuss cybersecurity challenges. It will share invaluable
information on how these companies ‒ that are so vital to the
state's infrastructure ‒ can integrate cybersecurity controls into
their overall risk management strategy. NRECA's RC3 Program is
funded through the U.S. Department of Energy, National Energy
Technology Laboratory under Award Number DE-OE0000807. To learn
more about the event, visit
https://www.eventbrite.com/e/emerging-priorities-in-energy-research-day-rc3-summit-anchorage-ak-tickets-49663084623
Week 4 Resources
- Cofense™, the leading provider of human-driven phishing
defense solutions world-wide, this month is helping global
organizations stay cyber-aware by releasing their 2018 State of
Phishing Defense Report, which analyzed approximately 135 million
simulated phishing emails, 800,000 emails reported into the Cofense
Phishing Defense Center and nearly 50,000 in-the-wild phishing
campaigns analyzed by Cofense Intelligence™. According to a
recent press release, "The findings highlighted that thus far
in 2018, one in ten reported emails were verified as malicious and
more than half of those were tied to credential phishing where a
fraudulent email attempts to gather login and system information
from users." The report also contains the most current phishing
susceptibility, resiliency and reporting rates across major
industry verticals. The report is available free here:
https://cofense.com/state-of-phishing-defense-2018/
- Cybersecurity Practice Guide SP 1800-12: This guideline
developed by the National Cybersecurity Center of Excellence
(NCCoE) and industry partners provides federal agencies using
mobile devices standards-based, commercially available
cybersecurity technologies to provide secure authentication. Intel®
Authenticate is a key component in the guideline, leveraging
hardware-based technology for robust multifactor
authentication.
- DHS Critical Infrastructure Cyber Community (C³) Voluntary
Program: This no-cost program helps organizations of all sizes
and in all industries combat the cyber threat. C³ supports
industry in increasing cyber resilience by promoting awareness and
the use of the National Institute for Standards and Technology
Cybersecurity Framework.
- ESET's Cybersecurity Awareness Training is a free
on-demand, interactive video training that business can send to
their employees to help them become more cyber aware. The
interactive, gamified videos are a fun, effective way to teach and
educate employees about cyber threats in the workplace and help
keep your business safe.
https://www.eset.com/us/cybertraining/
- Raytheon: The best ideas come from diverse teams of
people from different backgrounds and perspectives. Raytheon
Company partnered with the Center for Cyber Safety on a new
scholarship program designed to encourage college women to pursue
cybersecurity degrees. Administered by the Center for Cyber
Safety and Education, the annual Raytheon CCDC Women's
Cybersecurity Scholarship will award scholarships to two females
that participate in the Collegiate Cyber Defense Competition
annually. Each scholarship will include an internship opportunity
in Raytheon's Intelligence, Information and Services' Cybersecurity
and Special Mission area. Raytheon is the title sponsor of the
National Collegiate Cyber Defense Competition, a tournament to
choose the U.S. collegiate team that can best protect computer
networks against real-world cyber threats. For more information
about the Raytheon CCDC Women's Cybersecurity Scholarship,
including eligibility requirements,
visit https://iamcybersafe.org/scholarships/raytheon-womens-scholarships/
now through February 1.
- Wells Fargo: The
Cybersecurity Talent Shortage: A Career Opportunity for All
Generations
As technology innovation increases the
need for information security, the talent gap for cybersecurity
professionals has never been greater. Wells Fargo Chief Information Security Officer
Rich Baich addresses the skills
needed and the opportunities available for both new and tenured job
seekers.
https://staysafeonline.org/blog/cybersecurity-talent-shortage-career-opportunity-generations/
- Generali Global Assistance: In an effort to support
NCSAM's mission of generating more awareness about cybersecurity
threats and the steps everyone can take to better protect
themselves and the customers they serve, Generali Global Assistance
is offering ScamAssist™ to all consumers for free during the month
of October 2018! ScamAssist™ is a consumer service that takes
solicitations our customers receive, performs expert research of
the solicitations and delivers case-by-case assessments on the
likelihood of it being a scam, thereby reducing the chances of a
customer inadvertently providing funds or sensitive information to
a criminal.
Learn more here:
https://us.generaliglobalassistance.com/blog/reducing-consumer-risk-scamassisttm/.
- National Institute of Standards and Technology (NIST)
Cybersecurity Framework: The NIST Framework, which was created
through collaboration between industry and government, consists of
standards, guidelines and practices to promote the protection of
critical infrastructure. The framework's prioritized, flexible,
repeatable and cost-effective approach helps owners and operators
of critical infrastructure manage cybersecurity-related risk.
In-person and Virtual Events
- Symantec Webinar: Safeguarding the Nation's Critical
Infrastructure on Tuesday, Oct. 23,
1:00 p.m. EDT/10:00 a.m. PDT Week 4 will emphasize
the importance of securing our critical infrastructure and
highlight the roles the public can play in keeping it safe.
Speaker: Curtis Barker,
Symantec
Register Here:
https://www.symantec.com/about/webcasts?commid=330288
- Symantec Webinar: Is The Cloud Safe? Ensuring Security on
the Cloud, Thursday, Oct. 25,
2:00 p.m. EDT/11:00 a.m.
PDT When switching to the cloud, many nonprofits wonder
how cloud apps and services, such as Microsoft Office 365, G Suite,
Box, and Amazon Web Services, will affect their organization's
security. Cloud apps and software offer a multitude of benefits to
nonprofits when it comes to keeping their devices and data safe. In
this 60-minute webinar hosted by Deena
Thomchick, Symantec's senior director of cloud security, we
will cover the many security benefits of switching to the cloud.
You will learn:
-
- Benefits of adopting cloud apps and services
- What you are responsible for and what your cloud provider is
responsible for when it comes to security
- Risks to look out for when using cloud apps and services
- How to mitigate risks with security best practices for email,
endpoints (including laptops and mobile devices), content and
users
To
learn more, visit
https://page.techsoup.org/symantec-is-the-cloud-safe-webinar-10252018
- #ChatSTC Twitter Chat: Safeguarding the Nation's Critical
Infrastructure, Thursday, Oct. 25,
2018, 3:00 p.m. EDT/noon
PDT Our day-to-day life depends on the country's
16 sectors of critical infrastructure, which supply food, water,
financial services, public health, communications and power along
with other networks and systems. A disruption to this system, which
is operated via the internet, can have significant and even
catastrophic consequences for our nation. This #ChatSTC will
emphasize the importance of securing our critical infrastructure
and highlight the roles the public can play in keeping it
safe.
- Securing Election Systems Against Cyber Attacks: Risks and
Solutions for 2018, 2020 and Beyond, Tuesday, Oct. 30, Washington, D.C., 9:00
a.m. - 10:30 a.m. at CSIS Headquarters
Following the 2016 election, in which election systems in at least
21 states were targeted by malicious cyber actors, several studies
have put forth proposals to secure election systems against cyber
threats and restore public trust in the election process, but
implementing consistent baseline security practices remains
challenging. The danger is not that an attack is likely to
alter voting results across the nation, but that hackers will
be able to infect relatively few computers and still seed doubt
about the legitimacy of the elections. U.S. elections are managed
through a hodgepodge of systems that vary from state to state,
including paper ballots, electronic screens and even some Internet
voting. Join Raytheon and the Center for Strategic and
International Studies (CSIS) for a discussion about progress that
has been made since the 2016 election and assess ongoing efforts at
the state and national level to secure election systems. Panelists
from U.S. Election Assistance Commission, DHS and the Center for
Internet Security will also discuss what gaps and vulnerabilities
still remain, and what steps can be taken in preparation for the
upcoming elections. Register here.
- Identity and Authentication: The Road Ahead presented by the
FIDO Alliance, the National Cyber Security Alliance, and the Better
Identity Coalition, Friday, Nov. 2,
Washington D.C., 9:30 a.m. – 3:00
p.m. at Venable LLP Last year, 16.7 million Americans
were victims of identity fraud and there was a 389% increase in the
number of records containing identity information stolen in
breaches. Participants in this forum will examine the importance of
better identity and authentication in cybersecurity and discuss the
roles government and industry should play to improve the state of
identity security in 2019. Featuring government speakers from the
FTC, OMB, NIST, Office of the Comptroller of the Currency (OCC) and
Office of the National Coordinator for Health IT. Registration
website:
https://connect.venable.com/26/1387/compose-email/invitation-(2).asp
Resources to Help You Stay Safer Online Year-Round
- DHS Stop. Think. Connect. Resources: DHS' Stop. Think.
Connect. page shares cyber tips and resources, ways to get involved
with the global online safety awareness campaign, toolkits for all
segments of the community, videos, promotional materials and
more.
- BBB Cybersecurity: The Council of Better Business
Bureaus (BBB) has created a business education resource to provide
small and medium-sized businesses with valuable tools, tips and
content to help them manage cyber risks and learn about
cybersecurity best practices in the modern business
environment.
- #CyberAware Newsletter: #CyberAware is a monthly
newsletter created for parents by NCSA. Each month, the newsletter
shares family online safety news and resources and the latest from
the Stay Safe Online blog.
- LockDownYourLogin.com: Usernames and passwords
are no longer enough to keep your accounts secure. Anyone with your
username and password can access your account. Visit
LockDownYourLogin.com to easily learn how to move beyond the
password and better secure your online accounts.
- OnGuardOnline: The U.S. Federal Trade Commission's
OnGuardOnline portal provides news, tips, resources, videos and
more to help you, your family and the larger community stay safer
and more secure online.
About National Cybersecurity Awareness Month
National
Cybersecurity Awareness Month (NCSAM) was created as a
collaborative effort between government and industry to ensure
every American has the resources they need to stay safer and more
secure online. Now in its 15th year, NCSAM is co-led by the
Department of Homeland Security and the National Cyber Security
Alliance, the nation's leading nonprofit public-private partnership
promoting the safe and secure use of the internet and digital
privacy. Recognized annually in October, NCSAM involves the
participation of a multitude of industry leaders ‒ mobilizing
individuals, small and medium-sized businesses, nonprofits,
academia, multinational corporations and governments. Encouraging
digital citizens around the globe to STOP. THINK. CONNECT.™ NCSAM
is harnessing the collective impact of its programs and resources
to increase awareness about today's ever-evolving cybersecurity
landscape. Visit the NCSAM media room:
staysafeonline.org/about-us/news/media-room/.
About the National Cyber Security
Alliance
NCSA is the nation's leading
nonprofit, public-private partnership promoting cybersecurity and
privacy education and awareness. NCSA works with a broad array of
stakeholders in government, industry and civil society. NCSA's
primary partners are DHS and NCSA's Board of Directors, which
includes representatives from ADP; AT&T Services Inc.; Bank of
America; CDK Global, LLC; CertNexus; Cisco; Cofense; Comcast
Corporation; ESET North America; Facebook; Google; Intel
Corporation; Marriott International; Mastercard; Microsoft
Corporation; Mimecast; NXP Semiconductors; Raytheon; Salesforce;
Symantec Corporation; Visa and Wells Fargo. NCSA's core efforts
include National Cyber Security Awareness Month (October); Data
Privacy Day (Jan. 28); STOP. THINK.
CONNECT.™, the global online safety awareness and education
campaign co-founded by NCSA and the Anti-Phishing Working Group
with federal government leadership from DHS; and CyberSecure My
Business™, which offers webinars, web resources and workshops to
help businesses be resistant to and resilient from cyberattacks.
For more information on NCSA, please
visit staysafeonline.org/about-us/overview/.
View original content to download
multimedia:http://www.prnewswire.com/news-releases/safeguarding-the-nations-infrastructure-needs-to-be-our-shared-responsibility-300735086.html
SOURCE National Cyber Security Alliance