Every year since 2004, CISA (Homeland Security’s Cybersecurity & Infrastructure Security Agency) and the National Cybersecurity Alliance have promoted awareness of cybersecurity best practices. CISA acknowledges that cybersecurity is a collaborative effort between private companies, government agencies, and individual citizens. To increase cybersecurity awareness and ensure we all protect ourselves from phishing attempts and other attacks, CISA creates and publishes free resources on its site.
These resources cover everything from key behaviors associated with good digital hygiene so individuals can stay safe online to the latest advancements in data security so each company can protect itself from a devastating data breach. Each year, CISA also assigns a theme for National Cybersecurity Awareness Month. As we celebrate its twentieth year, the theme of this October’s Cyber Security Awareness Month is “Secure Our World: 2023 and Beyond.”
Read on to learn about how the Biden Administration plans to protect our critical infrastructure by investing more in cybersecurity, and how we can all take simple steps to safeguard our sensitive information from bad actors.
The Biden Administration has doubled down on the cybersecurity efforts of previous presidents and congresses–identifying cybersecurity as a national security priority in light of several high-profile cyber attacks that targeted U.S. infrastructure, businesses, and government agencies. Its proactive and comprehensive approach to cybersecurity recognizes the evolving threats in this landscape and acknowledges the critical importance of securing our nation’s digital infrastructure and assets.
This comprehensive approach involves strengthening international alliances, appointing officials with deep cybersecurity expertise, addressing threats from other nation-states, and amping up infrastructure investment. In May 2021, President Biden also signed an executive order designed to strengthen our federal government’s cybersecurity defenses.
This order includes measures designed to enhance software supply chain security, establish a cybersecurity safety review board, standardize the federal government’s response to cybersecurity vulnerabilities, and improve the detection of cybersecurity vulnerabilities and incidents on federal government networks.
Underscoring The Critical Importance of Enhancing Public-Private Collaboration
Notably, the Administration has also underscored the value of enhancing public-private collaboration. Previous administrations have also supported these partnerships–noting the importance of applying private-sector innovation and advancements to public-sector activities.
For example, consider the CSfC program—which enables the use of commercial off-the-shelf (COTS) products in multi-layered solutions that protect classified National Security Systems (NSS) data. In essence, the CSfC program represents a shift in the government’s approach to securing classified data—moving from custom-built, government-specific solutions to flexible, commercial-based, layered solutions that can be deployed rapidly to meet the evolving needs of national security.
The Biden Administration not only acknowledges how the private sector can help protect public sector agencies from cybersecurity threats. It also recognizes that many critical infrastructures are owned and operated by the private sector. As such, the administration has stressed the importance of public-private partnerships in defending against cyber threats. This includes sharing best practices and threat intelligence whenever possible.
This Year’s Cybersecurity Awareness Month Theme
The theme for this October is “Secure Our World: 2023 and Beyond.” According to this announcement from CISA, this year’s theme underscores the agency’s commitment to encouraging everyone “to take action each day to protect ourselves” against online threats. Themes for previous years also underscored the growing threat of bad actors in cyberspace and identified cybersecurity as a shared responsibility.
Our Shared Responsibility
The theme for 2018 was “Cybersecurity is Our Shared Responsibility and We All Must Work Together to Improve our Nation’s Cybersecurity.” This theme underscored the collective effort required to ensure a safer cyberspace, emphasizing that every individual and organization has a role to play.
2017’s theme was quite similar. “Our Shared Responsibility” reiterated the idea that everyone must accept their role in protecting data as well as observing appropriate digital hygiene. This includes how we use devices and networks.
Own IT. Secure IT. Protect IT.
The theme for 2019 was “Own IT. Secure IT. Protect IT.” This theme focused on consumer privacy, securing consumer devices, and e-commerce security. It highlighted the importance of taking ownership of one’s digital profile and being proactive in its protection.
The theme for 2020 and 2021 was “Do Your Part. #BeCyberSmart.” Again, this Cybersecurity Awareness Month theme emphasized the role individuals must take in protecting data. It stressed personal accountability and the critical importance of taking proactive steps to enhance cybersecurity.
Last year’s theme was “See Yourself in Cyber.” This emphasizes the fact that seemingly minor daily decisions about how we behave online can have serious consequences. As this resource from the University of Maryland notes, “an organization’s cybersecurity operation is only as strong as its people.” Once again, the Cybersecurity Awareness Month theme points to our shared responsibility and the constant need to raise awareness about this critical issue.
While CISA also seeks to raise awareness of cybersecurity threats and the importance of personal responsibility, it also seeks to empower us in achieving those goals.
To aid in this fight, CISA has released a series of recommendations and resources for everyone seeking to secure online data—thereby preventing identity theft, personally identifiable information, damage to shared infrastructure, and so much more. The importance of staying safe online cannot be understated.
With that said, CISA has identified “four key behaviors” that protect us as we navigate our increasingly complex digital world. It recommends using strong passwords, only visiting trusted internet sites, immediately reporting phishing attempts upon recognition, and updating software whenever prompted. CISA also recommends that all individuals and organizations enable MFA for online accounts—particularly financial accounts.
If each business, organization, and private individual implements these four key behaviors, we can prevent the next cyber incident from devastating our personal lives and the infrastructure upon which we all rely. As noted above, cybersecurity is a collaborative effort.
We must all do our part.