Cybersecurity is Everyone’s Responsibility
October is National Cybersecurity Awareness Month. This month is therefore a good time to be reminded of the importance of securing our cyberspace. It is also an opportunity to educate yourself and others on what issues we face and what we can do to enhance our security. We all know about the benefits and conveniences that the internet and its networks offer us in our work and our daily lives, but it is also important to be mindful of the risks associated with our increased reliance on cyberspace. When it comes to cybersecurity, we have to understand that it is a shared responsibility and everyone can do their part to ensure our safety and security.
Good Cyber Hygiene
The first step toward good cybersecurity is good “cyber hygiene”. The prevalence of threats like viruses, trojans, and hacking is well known. Thus, everyone who uses a computer or a mobile device should take the necessary precautions to keep their equipment protected. That means keeping all software up to date, ensuring that the latest anti-virus programs are running properly, and only downloading and installing software from trusted sources.
The Department of Homeland Security (DHS) has posted Toolkit Materials for all kinds of audiences to help implement good cybersecurity. Whether you are a student, a parent, a small business owner, work for the government, or are in law enforcement, DHS provides useful tips for keeping you and your networks safe.
Cybersecurity is a shared responsibility and everyone is on the front line. If we all do our part, we will go a long way towards securing our cyberspace.
As we spend more time on the internet and conduct more of our transactions in cyberspace, we are also seeing an increase in cyber-crime. Identity theft, data theft, and fraud, for example, are occurring at an increasingly alarming rate. Good cyber hygiene will help protect against some of these crimes, but users must also be alert to potential threats whenever they are online. Beware of phishing scams that seek to gain your personal information. Use secure passwords and never repeat those passwords for multiple logins. Use industry standard encryption to protect your data. These steps will all help to protect yourself, your business, or your organization from cyber-crime. Should you nevertheless become victim to a cyber-crime, there are many resources that can help you.
Protecting Critical Infrastructure
A large and difficult task is protecting our nation’s critical infrastructure from cyber threats. Utility plants, power grids, transportation systems, and information networks are increasingly at risk as they become more reliant on network connectivity. Breaches in their network security could result in severe consequences to basic services, public safety, and the financial sectors to name a few. Since critical infrastructure is largely owned and operated by the private sector, government and the private sector need to find ways to work closely together to ensure critical infrastructure protection and resiliency.
Both the government and the private sector agree that sharing threat information would be a big step towards increasing security. However, it is still unclear how this information sharing should occur, and there are legitimate issues regarding privacy, liability, and civil liberties that still need to be resolved. While we wait for Congress to pass legislation on this matter, the President has issued an Executive Order to help protect critical infrastructure. Executive Order 13636 Improving Critical Infrastructure Cybersecurity authorizes the creation of a Cybersecurity Framework that establishes voluntary cybersecurity standards and best practices for privately held critical infrastructure owners. However, since the private sector cannot be forced to implement these standards, the Framework will create incentives for adoption. Until legislation is passed, the Framework will hopefully enable the public and private sectors to work together to increase our security.
While the federal government is doing its part to strengthen cybersecurity, States are adding to the effort by implementing their own strategies. Maryland, for example, is a leader in promoting cyber innovation and strategic planning. The Maryland Commission on Cybersecurity Innovation and Excellence, of which CHHS Founder and Director Michael Greenberger is a member, reviews laws and policies and makes recommendations on how to promote cybersecurity in the State. As part of its responsibilities, the Commission recommends ways to attract private involvement and encourage public and private partnerships, research and development, workforce training, and education. All of these initiatives will reinforce our preparedness and resiliency.
This year actually marks the 10th anniversary of National Cybersecurity Awareness month. We have seen a lot of development and innovation in the cyber world over the last decade. Most of us probably have difficulty imagining what the next ten years might bring. It is therefore especially important to be aware of the issues and to build a solid foundation in cybersecurity. That way, we can be prepared for the constantly evolving threats in cyberspace, but also fully revel in its benefits.