The CISO's Desk (October 2023)

Ralph Johnson
State CISO Ralph Johnson

Since 2004, this nation has recognized October as Cybersecurity Awareness Month as a broad effort to help all Americans become safer and more secure online.

The National Cyber Security Alliance (NCSA) and the Department of Homeland Security (DHS) proposed highlighting cybersecurity awareness topics throughout October, with early efforts centered around advice like updating your antivirus software twice a year.

Online risks have evolved and proliferated over the years, and Cybersecurity Awareness Month has grown dramatically in response, expanding the number of activities, presentations, and events. It has also spread beyond the borders of the United States to become an international phenomenon.

The objective of the month is to: “Raise awareness about the importance of cybersecurity, ensuring everyone has the resources they need to be safer and secure online.”

NCSA and the DHS each year select a “Theme” for the month. In past years, themes have included “Our Shared Responsibility” (2009-2018) and “See Yourself in Cyber” (2022). This year's theme is “Secure Our World,” which emphasizes each person's role in preventing cyberattacks and promoting a culture of security. Each week will focus on a key behavior by encouraging everyone to take four simple steps to stay safe online:

  • Use strong passwords and a password manager: Create long, random, and unique passwords for each account and store them securely in a password manager. This will make it harder for hackers to guess or crack your passwords.
  • Enable multifactor authentication (MFA): Enable an additional layer of security for your online accounts that requires something you know (such as a password), something you have (such as a phone or a token), or something you are (such as a fingerprint or a face scan). This will prevent unauthorized access even if your password is compromised.
  • Recognize and reporting phishing: Be wary of unsolicited emails, texts, or calls that ask for personal or financial information or urge you to click links or open attachments. These could be phishing attempts that trick you into giving up your credentials or installing malware on your device. Verify the sender's identity and report any suspicious messages to the appropriate authorities or your IT department.
  • Update software: Keep your operating system, applications, web browser, and antivirus software up to date with the latest security patches and updates. This will fix any vulnerabilities hackers could exploit to compromise your device or data.

Following these steps, you can help protect yourself and others from cyber threats and contribute to a more secure online environment.

Governor Insley has issued a proclamation recognizing cybersecurity awareness month in the state. The Cybersecurity Awareness workgroup has planned some exciting activities scheduled throughout the month of October. Activities include an in-person cyber escape room, monthly presentations, Kahoot quizzes, and others. The remainder of this newsletter will provide further details.

Remember, cybersecurity starts with you being part of the solution!

Ralph Johnson

State Chief Information Security Officer