October is National Cyber Security Awareness Month (NCASM). NCASM is a time set aside by the
Department of Homeland Security (DHS) to help raise awareness of the growing and persistent threat
posed by cyber breaches against individuals, organizations, and critical infrastructures. Dr. Ray
Klump, Chair of Computer and Mathematical Sciences,
kicked off Lewis University’s recognition of NCASM with an Arts and Ideas talk.
Each week of NCSAM focuses on a particular theme. The first week promotes cyber security as a personal and
shared responsibility through a campaign called “Stop. Think. Connect.” DHS provides a number of valuable tools and tips on its website to educate citizens about the pitfalls they face online and to prepare them to steer around them. The site includes links to advice for keeping your cell phone secure and for using social media privately and responsibly. The site also includes tips for what to do if anc when you become the victim of cyber crime.
The second week promotes the theme “Cyber from the break room to the board room.” Organizations must promote a pervasive sense of vigilence against cyber threats. An organization’s members must take personal responsibility for their actions online and their role in keeping the organization’s data secure. Likewise, an organization’s leaders must prioritize cyber security as a top concern and dedicate their efforts and resources accordingly. Preventing cyber attack can’t be a top-down effort. It requires widespread commitment. That includes avoiding clicking unthinkingly on links in emails and documents, using encryption consistently and ubiquitously, and employing multifactor authentication instead of just passwords whenever possible.
Week 3 of NCSAM addresses cyber crime and what to do if you fall victim to it. The average cyber security
heist costs an organization over $670,000. Costs practically double when health care records are stolen. Most victims are small and medium-sized businesses, and the majority of those that are attacked close within 6 months of the breach. The consequences of a cyber attack are dire to organizations and individuals alike. If you fall prey to a cyber attack, you should contact law enforcement immediately, and you should report the incident to
In Week 4, NCSAM addresses how to balance our ever-connected lives with the need to exercise caution online.
Mobile apps make going online amazingly easy, but that ease can make us let down our guard. When we install a
new app on our phones, do we trust it? What kinds of permissions do we grant that app? And, perhaps surprisingly, we can’t focus just on our cell phones. All those devices we use in our homes and businesses, including smart thermostats and video game machines and products that respond to voice commands, store and communicate our information. This “internet of things” also poses a significant danger that is expected to grow as the number of connected devices soars to 40 billion over the next 5 years. Just because a device doesn’t look like a computer doesn’t mean it’s immune to cyber attack. Again, responsible usage, which includes caution when sharing data through them and making sure that we install patches to fix their security problems, is an absolute requirement if we are going to remain safe.
Unfortunately, that leaves just one day – Halloween – to focus on what is probably the scariest reality of
the cyber security threat: how susceptible our critical infrastructures are to attack. Critical infrastructures
include the electric power grid, water filtration systems, gas pipelines, transportation, banking, logistics,
and any other geographically expansive network that provides crucial products and services. These networks
are increasingly computerized and automated. As a result, they are terribly susceptible to cyber attack. In fact,
the first known successful attack against an electric power grid occurred in the Ukraine on December 23, 2015.
The electrical grid in the United States is, arguably, just as susceptible. Researchers currently explore ways
to keep these kinds of critical systems secure, but it is a daunting task.
National Cyber Security Awareness Month isn’t exactly what one would call a cause for celebration. It serves
as a sobering reminder that our increasingly digital lives come at a price and carry great risk. That doesn’t
mean that we must somehow abandon our devices. It simply means that we must be smarter, more cautious, more
watchful, and more willing to work together to face down cyber threats.