18^th Annual Cybersecurity Awareness Month

National Cybersecurity Awareness Month, now in its 18^th year, was created under the leadership from the U.S. Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA) to be a collaborative effort between government and industry to make sure Americans have the necessary resources to stay safer and more secure online. This year Cybersecurity Awareness Month is co-led by NCSA and the Cybersecurity and Infrastructure Agency (CISA), a fairly new division of DHS.

Week 1 – Be Cyber Smart

This week we focus on the basics for being cyber smart. We spend so much time working with the Institute’s and our personal data online these days we have to constantly think about what we are doing and who may be able to access this data.

Did you know???

• 61% of data breaches used compromised credentials, according to the Verizon Data Breach Investigations Report.
• 56% of IT leaders believe their employees have picked up back cybersecurity habits and behaviors since working from home. (Tessian)
• More than 99.9% pf Microsoft enterprise accounts that get hacked by attackers did not use multi-factor authentication. (ZDNet)

All it takes is some effort on our part to spoil many efforts on the part of the criminals. Here are some basic best security practices for keeping the Institute’s data safe, as well as your own.

1. Create a strong password and use multi-factor authentication.
   • UTIA IT0132 – Identification and Authentication Policy requires a strong password.
   • Many of the University’s applications require the use Duo, which is one type of multifactor authentication.
2. Back up your data.
   • Please see Backup Guidelines for Institute-Owned Assets and Data.
3. Update your software.
   • Because we use Desktop Central for managing Institute-owned computers, software on the approved list will get patched and updates pushed through Desktop Central.
   • It is highly recommended that you check your apps from time to time to ensure those updates are being done. If not, please let me know.
4. Use safe browser settings.
   • Please see Recommended Security Browser Settings.
   • One of the most important of these is to NOT allow your password to be saved by the browser!

When we all do the right thing, we protect the Institute and its data. And in the process, we learn more about how to keep our own data (e.g., bank accounts, SSNs, etc.) safe from the cyber criminals. And remember that I am here to help you with issues, answer questions, etc.

Thank you for all you do!

Sandy