October 1, 2023—October is Cybersecurity Awareness Month when the private and public sector work together to raise awareness about digital security and provide tools on how consumers and businesses can protect their data from digital crimes. 2023 marks the 20th anniversary of Cybersecurity Awareness Month, and this year, the Cybersecurity and Infrastructure Security Agency (CISA) has launched a new cybersecurity awareness program, Secure Our World. They have also partnered with the National Cybersecurity Alliance (NCA) to provide up-to-date educational resources including practical advice on dealing with hacks and viruses, learning to spot phishing and other online scams, teaching children about online safety, reporting cybercrime, and more.
The following tips from www.cisa.gov are shared with their permission:
- Use strong passwords and a password manager: Strong passwords are critical to protecting data. They are long, random, unique, and include all four-character types (uppercase, lowercase, numbers, and symbols). Password managers are a powerful tool to help you create long, random, and unique passwords for each of your accounts. Plus, they make storing passwords and user IDs easy.
- Turn on multi-factor authentication (MFA): You need more than a password to protect your online accounts and enabling MFA makes you significantly less likely to get hacked. Enable multi-factor authentication on all your online accounts that offer it, especially email, social media, and financial accounts and use authentication apps or hardware tokens for added security.
- Recognize & report phishing: Phishing emails, texts, and calls are the number one way data gets compromised. Be cautious of unsolicited emails, texts or calls asking for personal information. Avoid sharing sensitive information or credentials over the phone or email unless necessary and don’t click on links or open attachments sent from unknown sources. Verify the authenticity of requests by contacting the individual or organization through a trusted channel. Report phishing attempts to the appropriate authorities or IT department. Learn to recognize the signs of phishing and report these incidents to protect data and devices.
- Update software: Ensuring your software is up to date is the best way to make sure you have the latest security patches and updates on your devices. Regularly check manually for updates if automatic updates are not available and keep operating systems, antivirus software, web browsers, and applications up to date.
Financial institutions are encouraged to educate their members of the security features of their online banking platforms and mobile applications, and to provide them with resources on how to protect personal data and financial resources when making payments or performing other banking transactions. The month provides the opportunity to review their risk management procedures, tools to protect member and credit union data, current threats and trends, and their expectations for reporting potential cybercrime.
Additional Cybersecurity Awareness resources, including a digital toolkit of graphics and content, are available at the CISA website at –www.cisa.gov.