Every October we have so many important things to observe:

• Breast Cancer Awareness Month
• Domestic Violence Awareness Month
• National Bullying Prevention Month
• International Black Cat Awareness Month
• Adopt a Shelter Dog Month
• National Book Month
• My birthday
• Halloween

But did you know that this year marks the 20^th Cybersecurity Awareness Month? In 2004, the National Cybersecurity Alliance and the U.S. Department of Homeland Security, at the direction of the President and Congress, launched the first Cybersecurity Awareness Month for the public and private sectors to work together to raise awareness about the importance of cybersecurity. This has grown into a collaborative effort between government and industry to enhance cybersecurity awareness, encourage the public to reduce online risk, and generate discussion on cyber threats on a national and global scale. And for the past eight years, the University of Tennessee Institute of Agriculture has been named a Cybersecurity Awareness Month Champion organization as we represent those dedicated to promoting a safer, more secure, and more trusted internet.

In recognition of this 20^th year, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced a new enduring cybersecurity awareness program, Secure Our World, which is the theme for this year’s Cybersecurity Awareness Month and will remain the continuing theme for future awareness month campaigns. This month’s newsletters will cover the tips CISA is sharing to Secure Our World, and today I want to share the first one.

Four Easy Ways to Stay Safe Online

1. Recognize and Report Phishing
   • Most phishing attempts rely on the recipient to accidentally download malware by clicking a link or an attachment.
   • These phishing attempts also use social engineering to trick recipients into sharing their personal information.
   • Do not click on anything and do not reply.
   • Recognize the sense of urgency used in the message, as well as the many mistakes in grammar, formatting, etc.
   • And remember that if an offer seems to good to be true, ignore it.
   • Please report these message by using the instructions found at Reporting Phishing Attempts.

2. Use Strong Passwords
   • Simple passwords can be easily guessed.
   • Use at least 12 characters and don’t use words and phrases that others can easily guess by looking at your social media accounts (e.g., ilovetheyankees).
   • Use a unique password for every account you have, both work and non-work accounts.

3. Use Multifactor Authentication anywhere it is offered.
   • UT uses Duo two-factor authentication for things that use UT credentials.
   • Other non-UT accounts also offer this option.
   • Facebook, banks, and many other places allow you to use MFA for their accounts through apps like Google Authenticator.
   • You can also use touch ID or face recognition when those options are offered.
   • Using this extra layer of protection for logging in will make it much less likely for your accounts to be hacked.

4. Update Software
   • The Institute does automatic updates for your operating system, as well as your apps and browsers.
   • If you get a popup with the correct logo that reminds you that you need to do your updates, let the updates be completed.
   • If you are in the middle of a process that cannot be interrupted with an update, reboot your system as soon as you are finished with that process.
   • And, while our browsers are being managed and updates are automatically being pushed, please don’t forget to restart your browser *regularly* to get those updates completed.

Please remember that we have to do our part to stay safe online. But also remember that I am here to help you any time you have questions or concerns.

I hope you all have a wonderful week!

Sandy