Safeguarding the Nation's Infrastructure Needs to Be "Our Shared Responsibility"
WASHINGTON, Oct. 22, 2018 /PRNewswire/ -- Critical infrastructure, which provides essential services and the foundation of our nation's security, relies heavily on technology and communications. In Week 4 of NCSAM, which leads into Critical Infrastructure Security and Resilience (CISR) Month (held annually in November), the National Cyber Security Alliance (NCSA), the U.S. Department of Homeland Security (DHS) and partners are raising awareness about the importance of securing the country's critical infrastructure. Both individuals and organizations play a key role in helping to protect these networks and systems from cyber threats.
"With the 2018 midterm elections quickly approaching, cybersecurity is top-of-mind for many Americans," said Russ Schrader, NCSA's executive director. "NCSA, DHS and thousands of supporters are committed to reiterating the message that everyone shares a role in protecting cyberspace. If internet users nationwide do their part to follow basic cybersecurity practices, citizens and the country at large will be safer and more secure."
As technology providers continue to advance approaches to protecting our nation's systems, they are striving to develop solutions across the entire technology stack. With increased connectivity across all industries, it is important that government and industry work together to address needs of our critical infrastructure - both now and in the future. Technology companies are regularly partnering with government organizations to provide security guidance. For example, Intel is among a handful of companies that collaborated with NIST's National Cybersecurity Center of Excellence to provide authentication solutions for government workers who use mobile devices. Along with many peers, Intel is focused on developing solutions that help mitigate security concerns for the government.
NCSAM's Week 4 theme showcases the importance of safeguarding the country's critical infrastructure. With that top of mind, the high demand for professionals to protect the internet and the country's infrastructure has yielded an unmatched number of unfilled cybersecurity jobs. Cultivating the next generation of cybersecurity professionals - whether it's students, veterans returning to civilian life or individuals re-entering the workforce - is essential. There is a tremendous gap in the quantity of qualified professionals to fill open cybersecurity jobs. Many of these positions are open in industries that keep water flowing from our faucets, lights on at our homes, money in the bank and food on the kitchen table.
Protecting the nation's 16 sectors of our nation's critical infrastructure is a shared responsibility between government and industry - both technology providers and critical infrastructure owners and operators. In addition, there are steps that individuals can take to protect themselves, their information, the larger community and our critical infrastructure during October, CISR Month 2018 and year-round:
-- Lock down your login: Fortify your online accounts by enabling the
strongest authentication tools available, such as biometrics or a unique
one-time code through an app on your mobile device. Your usernames and
passwords are not enough to protect key accounts like email, banking and
social media.
-- Keep a clean machine: Keep all software on internet-connected devices -
including PCs, smartphones and tablets - up to date to reduce risk of
infection from malware.
-- When in doubt, throw it out: Cybercriminals often use links in email,
social posts and texts to try to steal your personal information. Even
if you know the source, if something looks suspicious, delete it.
-- Safer for me, more secure for all: What you do online has the potential
to affect everyone - at home, at work and around the world. Practicing
good online habits benefits the global digital community.
-- View, download and share the Week 4 infographic to learn more about the
role critical infrastructure plays and how you can help keep its systems
and networks more secure.
To learn more about CISR Month and how you can get involved, visit the DHS website.
On Nov. 1 in Anchorage, AL, NCSA will host a CyberSecure My Business(TM) workshop in partnership with the National Rural Electric Cooperative Association (NRECA). NRECA is the national service organization dedicated to representing the national interests of the 895 cooperative electric utilities they serve that provide power to 42 million people in 47 states. NRECA's Rural Cooperative Cybersecurity Capabilities (RC3) Program is sponsoring a Cybersecurity Summit in Anchorage in collaboration with the Alaska Power Association. The full-day RC3 Cybersecurity Summit - which includes the NCSA workshop ? will focus on the cybersecurity challenges facing small- and medium-sized electric utility companies and is a free event open to all electric utilities in Alaska. More than 90 percent of Alaskans receive electricity from either a cooperative or a municipal (publicly-owned) utility, and these utilities supply power to more than a half-million Alaskans from Barrow to Unalaska, through the Interior and Southcentral and down the Inside Passage. The RC3 Summit will provide a unique opportunity for all of Alaska's electric utilities to come together and discuss cybersecurity challenges. It will share invaluable information on how these companies ? that are so vital to the state's infrastructure ? can integrate cybersecurity controls into their overall risk management strategy. NRECA's RC3 Program is funded through the U.S. Department of Energy, National Energy Technology Laboratory under Award Number DE-OE0000807. To learn more about the event, visit https://www.eventbrite.com/e/emerging-priorities-in-energy-research-day-rc3-summit-anchorage-ak-tickets-49663084623
Week 4 Resources
-- Cofense(TM), the leading provider of human-driven phishing defense
solutions world-wide, this month is helping global organizations stay
cyber-aware by releasing their 2018 State of Phishing Defense Report,
which analyzed approximately 135 million simulated phishing emails,
800,000 emails reported into the Cofense Phishing Defense Center and
nearly 50,000 in-the-wild phishing campaigns analyzed by Cofense
Intelligence(TM). According to a recent press release, "The findings
highlighted that thus far in 2018, one in ten reported emails were
verified as malicious and more than half of those were tied to
credential phishing where a fraudulent email attempts to gather login
and system information from users." The report also contains the most
current phishing susceptibility, resiliency and reporting rates across
major industry verticals. The report is available free here:
https://cofense.com/state-of-phishing-defense-2018/
-- Cybersecurity Practice Guide SP 1800-12: This guideline developed by the
National Cybersecurity Center of Excellence (NCCoE) and industry
partners provides federal agencies using mobile devices standards-based,
commercially available cybersecurity technologies to provide secure
authentication. Intel® Authenticate is a key component in the
guideline, leveraging hardware-based technology for robust multifactor
authentication.
-- DHS Critical Infrastructure Cyber Community (C³) Voluntary Program:
This no-cost program helps organizations of all sizes and in all
industries combat the cyber threat. C³ supports industry in increasing
cyber resilience by promoting awareness and the use of the National
Institute for Standards and Technology Cybersecurity Framework.
-- ESET's Cybersecurity Awareness Training is a free on-demand, interactive
video training that business can send to their employees to help them
become more cyber aware. The interactive, gamified videos are a fun,
effective way to teach and educate employees about cyber threats in the
workplace and help keep your business safe.
https://www.eset.com/us/cybertraining/
-- Raytheon: The best ideas come from diverse teams of people from
different backgrounds and perspectives. Raytheon Company partnered with
the Center for Cyber Safety on a new scholarship program designed to
encourage college women to pursue cybersecurity degrees. Administered by
the Center for Cyber Safety and Education, the annual Raytheon CCDC
Women's Cybersecurity Scholarship will award scholarships to two females
that participate in the Collegiate Cyber Defense Competition annually.
Each scholarship will include an internship opportunity in Raytheon's
Intelligence, Information and Services' Cybersecurity and Special
Mission area. Raytheon is the title sponsor of the National Collegiate
Cyber Defense Competition, a tournament to choose the U.S. collegiate
team that can best protect computer networks against real-world cyber
threats. For more information about the Raytheon CCDC Women's
Cybersecurity Scholarship, including eligibility requirements, visit
https://iamcybersafe.org/scholarships/raytheon-womens-scholarships/ now
through February 1.
-- Wells Fargo: The Cybersecurity Talent Shortage: A Career Opportunity for
All Generations As technology innovation increases the need for
information security, the talent gap for cybersecurity professionals has
never been greater. Wells Fargo Chief Information Security Officer Rich
Baich addresses the skills needed and the opportunities available for
both new and tenured job
seekers.https://staysafeonline.org/blog/cybersecurity-talent-shortage-ca
reer-opportunity-generations/
-- Generali Global Assistance: In an effort to support NCSAM's mission of
generating more awareness about cybersecurity threats and the steps
everyone can take to better protect themselves and the customers they
serve, Generali Global Assistance is offering ScamAssist(TM) to all
consumers for free during the month of October 2018! ScamAssist(TM) is a
consumer service that takes solicitations our customers receive,
performs expert research of the solicitations and delivers case-by-case
assessments on the likelihood of it being a scam, thereby reducing the
chances of a customer inadvertently providing funds or sensitive
information to a criminal.Learn more here:
https://us.generaliglobalassistance.com/blog/reducing-consumer-risk-scam
assisttm/.
-- National Institute of Standards and Technology (NIST) Cybersecurity
Framework: The NIST Framework, which was created through collaboration
between industry and government, consists of standards, guidelines and
practices to promote the protection of critical infrastructure. The
framework's prioritized, flexible, repeatable and cost-effective
approach helps owners and operators of critical infrastructure manage
cybersecurity-related risk.
In-person and Virtual Events
-- Symantec Webinar: Safeguarding the Nation's Critical Infrastructure on
Tuesday, Oct. 23, 1:00 p.m. EDT/10:00 a.m. PDT Week 4 will emphasize
the importance of securing our critical infrastructure and highlight the
roles the public can play in keeping it safe. Speaker: Curtis Barker,
Symantec Register Here:
https://www.symantec.com/about/webcasts?commid=330288
-- Symantec Webinar: Is The Cloud Safe? Ensuring Security on the Cloud,
Thursday, Oct. 25, 2:00 p.m. EDT/11:00 a.m. PDT When switching to the
cloud, many nonprofits wonder how cloud apps and services, such as
Microsoft Office 365, G Suite, Box, and Amazon Web Services, will affect
their organization's security. Cloud apps and software offer a multitude
of benefits to nonprofits when it comes to keeping their devices and
data safe. In this 60-minute webinar hosted by Deena Thomchick,
Symantec's senior director of cloud security, we will cover the many
security benefits of switching to the cloud. You will learn:
-- Benefits of adopting cloud apps and services
-- What you are responsible for and what your cloud provider is
responsible for when it comes to security
-- Risks to look out for when using cloud apps and services
-- How to mitigate risks with security best practices for email,
endpoints (including laptops and mobile devices), content and users
To learn more, visit https://page.techsoup.org/symantec-is-the-cloud-safe-webinar-10252018
-- #ChatSTC Twitter Chat: Safeguarding the Nation's Critical
Infrastructure, Thursday, Oct. 25, 2018, 3:00 p.m. EDT/noon PDT Our
day-to-day life depends on the country's 16 sectors of critical
infrastructure, which supply food, water, financial services, public
health, communications and power along with other networks and systems.
A disruption to this system, which is operated via the internet, can
have significant and even catastrophic consequences for our nation. This
#ChatSTC will emphasize the importance of securing our critical
infrastructure and highlight the roles the public can play in keeping it
safe.
-- Securing Election Systems Against Cyber Attacks: Risks and Solutions for
2018, 2020 and Beyond, Tuesday, Oct. 30, Washington, D.C., 9:00 a.m. -
10:30 a.m. at CSIS HeadquartersFollowing the 2016 election, in which
election systems in at least 21 states were targeted by malicious cyber
actors, several studies have put forth proposals to secure election
systems against cyber threats and restore public trust in the election
process, but implementing consistent baseline security practices remains
challenging. The danger is not that an attack is likely to alter voting
results across the nation, but that hackers will be able to infect
relatively few computers and still seed doubt about the legitimacy of
the elections. U.S. elections are managed through a hodgepodge of
systems that vary from state to state, including paper ballots,
electronic screens and even some Internet voting. Join Raytheon and the
Center for Strategic and International Studies (CSIS) for a discussion
about progress that has been made since the 2016 election and assess
ongoing efforts at the state and national level to secure election
systems. Panelists from U.S. Election Assistance Commission, DHS and the
Center for Internet Security will also discuss what gaps and
vulnerabilities still remain, and what steps can be taken in preparation
for the upcoming elections. Register here.
-- Identity and Authentication: The Road Ahead presented by the FIDO
Alliance, the National Cyber Security Alliance, and the Better Identity
Coalition, Friday, Nov. 2, Washington D.C., 9:30 a.m. - 3:00 p.m. at
Venable LLP Last year, 16.7 million Americans were victims of identity
fraud and there was a 389% increase in the number of records containing
identity information stolen in breaches. Participants in this forum will
examine the importance of better identity and authentication in
cybersecurity and discuss the roles government and industry should play
to improve the state of identity security in 2019. Featuring government
speakers from the FTC, OMB, NIST, Office of the Comptroller of the
Currency (OCC) and Office of the National Coordinator for Health IT.
Registration website:
https://connect.venable.com/26/1387/compose-email/invitation-(2).asp
Resources to Help You Stay Safer Online Year-Round
-- DHS Stop. Think. Connect. Resources: DHS' Stop. Think. Connect. page
shares cyber tips and resources, ways to get involved with the global
online safety awareness campaign, toolkits for all segments of the
community, videos, promotional materials and more.
-- BBB Cybersecurity: The Council of Better Business Bureaus (BBB) has
created a business education resource to provide small and medium-sized
businesses with valuable tools, tips and content to help them manage
cyber risks and learn about cybersecurity best practices in the modern
business environment.
-- #CyberAware Newsletter: #CyberAware is a monthly newsletter created for
parents by NCSA. Each month, the newsletter shares family online safety
news and resources and the latest from the Stay Safe Online blog.
-- LockDownYourLogin.com: Usernames and passwords are no longer enough to
keep your accounts secure. Anyone with your username and password can
access your account. Visit LockDownYourLogin.com to easily learn how to
move beyond the password and better secure your online accounts.
-- OnGuardOnline: The U.S. Federal Trade Commission's OnGuardOnline portal
provides news, tips, resources, videos and more to help you, your family
and the larger community stay safer and more secure online.
About National Cybersecurity Awareness Month
National Cybersecurity Awareness Month (NCSAM) was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. Now in its 15th year, NCSAM is co-led by the Department of Homeland Security and the National Cyber Security Alliance, the nation's leading nonprofit public-private partnership promoting the safe and secure use of the internet and digital privacy. Recognized annually in October, NCSAM involves the participation of a multitude of industry leaders ? mobilizing individuals, small and medium-sized businesses, nonprofits, academia, multinational corporations and governments. Encouraging digital citizens around the globe to STOP. THINK. CONNECT.(TM) NCSAM is harnessing the collective impact of its programs and resources to increase awareness about today's ever-evolving cybersecurity landscape. Visit the NCSAM media room: staysafeonline.org/about-us/news/media-room/.
About the National Cyber Security Alliance
NCSA is the nation's leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with a broad array of stakeholders in government, industry and civil society. NCSA's primary partners are DHS and NCSA's Board of Directors, which includes representatives from ADP; AT&T Services Inc.; Bank of America; CDK Global, LLC; CertNexus; Cisco; Cofense; Comcast Corporation; ESET North America; Facebook; Google; Intel Corporation; Marriott International; Mastercard; Microsoft Corporation; Mimecast; NXP Semiconductors; Raytheon; Salesforce; Symantec Corporation; Visa and Wells Fargo. NCSA's core efforts include National Cyber Security Awareness Month (October); Data Privacy Day (Jan. 28); STOP. THINK. CONNECT.(TM), the global online safety awareness and education campaign co-founded by NCSA and the Anti-Phishing Working Group with federal government leadership from DHS; and CyberSecure My Business(TM), which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information on NCSA, please visit staysafeonline.org/about-us/overview/.
View original content to download multimedia:http://www.prnewswire.com/news-releases/safeguarding-the-nations-infrastructure-needs-to-be-our-shared-responsibility-300735086.html
SOURCE National Cyber Security Alliance
