It's national cybersecurity awareness month… who knew?

November Update 11/18/2013 November 2013 Update IN THIS ISSUE Looking Back at National Cyber Security Awareness Month Keystone Events DHS Component Spotlight: US-CERT Stay Cyber Safe on Cyber Monday Partner Spotlight: Infragard Looking Back: National Cyber Security Awareness Month Key Events National Cyber Security Awareness Month (NCSAM) featured a wide range of events hosted by the Department of Homeland Security (DHS) and the Stop.Think.Connect.™ Campaign’s co-leader the National Cyber Security Alliance (NCSA), as well as National Network and Cyber Awareness Coalition partners, and federal, state, and local government partners and private sector organizations. Below is a recap of the key events that took place during NSCAM 2013. NCSAM Kick-Off Event: Boston, Massachusetts This year’s NCSAM kick-off event took place at the Federal Reserve Bank in Boston, Massachusetts. State Senator Robert Hedlund and Secretary for the Executive Office of Finance and Administration Michael Shor delivered opening remarks, discussing the steps Massachusetts is taking to increase its cybersecurity posture. NCSA Executive Director Michael Kaiser was also on hand to talk about the 10th anniversary of NCSAM. After the opening remarks, a panel session focused on the advances in and evolving issues related to cybersecurity during the last 10 years, and looked ahead to what the next 10 years might bring. Approximately 150 people attended, representing federal, state, and local governments and private industry. Online Privacy Event with Nev Schulman: Los Angeles, California MTV’s Catfish producer and Campaign partner Nev Schulman and McAfee Chief Privacy Officer Michelle Dennedy talked with students at Gertz-Ressler High School in Los Angeles about the importance of practicing safe online behavior and knowing who you are talking to online. A post-event interview with Nev was featured on Red Carpet Report TV. The Campaign and NCSAM were also mentioned in an US Weekly article about the Catfish television show. View videos of the event at the StaySafeOnline YouTube page. NASDAQ Opening Bell Ceremony: New York, New York For the third year in a row, the NASDAQ Opening Bell Ceremony was dedicated to NCSAM. Representatives from the Federal Government, private sector, and cyber organizations were on hand to help ring the opening bell. Attendees included DHS Acting Secretary Rand Beers, DHS Deputy Under Secretary for Cybersecurity Phyllis Schneck, White House Senior Director for Cybersecurity Andrew Ozment, Department of Commerce Deputy Secretary Patrick Gallagher, NCSA Director Michael Kaiser and Board Member Andrew Lee, as well as representatives from several Fortune 500 companies. After the ceremony, a panel session discussed the importance of strong cybersecurity practices in business and how executives can help manage cyber risks. Cyber Crime Event: Chicago, Illinois The NCSAM Cyber Crime keystone event was sponsored by National Network partner InfraGard and focused on the importance of preventing cyber crime. DHS Deputy Under Secretary for Cybersecurity Phyllis Schneck discussed DHS’ efforts to protect against and respond to cyber crime, including the work carried out by the National Cybersecurity and Communications Integration Center (NCCIC) and its operational branches, the U.S. Computer Emergency Readiness Team (US-CERT) and the Industrial Control Systems Computer Emergency Response Team (ICS-CERT). Additionally, Deputy Under Secretary Schneck talked about the U.S. Immigration and Customs Enforcement (ICE) Cyber Crimes Center (C3), which provides cyber crime support and training to federal, state, local, and international law enforcement agencies. Schneck also discussed the Campaign’s yearlong focus on general cybersecurity awareness and guidance, and highlighted National Network partners such as InfraGard and the International Association of Chiefs of Police (IACP) for their good work promoting cybersecurity education and awareness. Other speakers included the United States Secret Service (USSS) Assistant Director for Investigations Paul Morrissey, USSS Chicago Field Office Senior Agent Frank Bennedetto, InfraGard Chicago Members Alliance President Paul Sands, NCSA Executive Director Michael Kaiser, White House Cybersecurity Coordinator Michael Daniel, IACP representative David Roberts, Cook County Department of Homeland Security and Emergency Management Executive Director Michael Masters, and U.S. Bank Chief Information Security Officer Jason Witty. They delivered remarks about the state of cyber crime and the importance of cybersecurity education and awareness to thwart cyber threats. A panel session featuring leadership from DHS, law enforcement, and industry engaged in a candid conversation about cyber crime trends and shared best practices to thwart cyber threats. After the panel, the USSS Chicago Electronic Crimes Task Force demonstrated how easily hackers can exploit Internet-connected devices. The USSS set up a fake “free Wi-Fi” hotspot that morning for the Aon Center, where the event was hosted. Many participants connected to the hotspot, believing it to be the convention center’s legitimate wireless network.   Cybersecurity Costs and Solutions Conference: Washington, DC Bloomberg Government sponsored the Cybersecurity: Costs and Solutions Conference to discuss the cyber risks around the Nation’s critical infrastructure and the high costs of protecting against cyber threats. Among other speakers, DHS Undersecretary for the National Protection and Programs Directorate (NPPD) Suzanne Spaulding and White House Cybersecurity Coordinator Michael Daniel participated on a panel session, “Risk and Response: A National Cyber Strategy.” Spaulding and Daniel discussed the currently in-development Cybersecurity Framework for critical infrastructure and the forming of a voluntary program to assist industry in their cyber risk management efforts. Watch a full replay of the event. DHS Component Spotlight: United States Computer Emergency Readiness Team (US-CERT) Cyber threats and vulnerabilities are constantly changing and evolving. The United States Computer Emergency Readiness Team (US-CERT), a branch of the National Cybersecurity and Communications Integration Center (NCCIC), is an operational unit that collects, analyzes, and shares information about cyber incidents and threats to the Nation’s Internet infrastructure. For 24 hours a day, seven days a week, US-CERT staff engage in a variety of initiatives to collect, analyze, and distribute data. US-CERT focuses on network analytics, threat analysis and information sharing, digital analytics, operations, communications, and international operations. As part of its threat analysis and information sharing efforts, US-CERT operates the National Cyber Awareness System (NCAS). Through the NCAS, US-CERT distributes timely alerts on cyber threats and weekly bulletins on vulnerabilities. US-CERT also developed and maintains a current activity page with summaries of high impact, frequently occurring security incidents. Between March 2012 and February 2013, more than 60,000 incidents were reported to US-CERT, and US-CERT published over 10,000 alerts and advisories. US-CERT collects information in a variety of ways. Anyone can submit an incident or report a software vulnerability through the US-CERT website. US-CERT also operates the Einstein 2 system, which is installed in Federal Government computers and can automatically detect and alert users about malicious activities/intrusions. US-CERT also analyzes the data collected by Einstein 2. US-CERT also shares information with international partners, including several countries that are part of the International Watch and Warning Network (IWWN). In addition to incident reporting, the US-CERT website (www.us-cert.gov) features cybersecurity tips, guidance, and links to other government resources. Stay Safe on Cyber Monday Too tired or full of turkey to go shopping at 5:00 AM on Black Friday? Thankfully, Cyber Monday has become an internationally known day for holiday shopping online. Most major retailers have embraced Cyber Monday and are offering great deals for people who would rather do their holiday shopping from the comfort of their homes. Cyber Monday has become so popular that last year, consumers spent over $1.45 billion on Cyber Monday, and this year Fed-Ex is expecting to ship over 22 million packages on Monday, December 2, which would make it the busiest day in Fed-Ex history. To keep yourself safe, apply these everyday cybersecurity tips when shopping online: Keep a clean machine. Make sure your software, operating system, and antivirus programs are all updated. This will help your computer fight against viruses and malware that can be sent through emails, links, and websites. Connect with care. Try not to do any online shopping on unsecure wireless networks, such as places with public and free Wi-Fi. Do your online shopping at home, and make sure your home wireless network is password protected. Be cautious online. Do not click on suspicious links or download items from unknown sources. Do not click on links from pop-up ads. Do not follow unsolicited web links in email and pop-up ads. Pay attention to website URLs. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (for example, the malicious site may use .net instead of .com). Also look in the address box for https:// before any transaction. Unlike http:// URLs, https:// tells you that the site is taking extra measures to secure your information.   Set strong passwords. Especially for sensitive online accounts (such as online banking), make sure your passwords are complex and unique to each account. Change your password often, and do not set passwords that will be easy for cyber criminals to guess. A good rule of thumb is to create passwords with eight characters or more that use a combination of numbers, letters, and symbols. Don’t believe everything you see. While many retailers are offering great deals on Cyber Monday, there will also be deals that are just too good to be true. So before you buy that new iPad for only $50, be sure to shop only on the websites of trusted, major retailers, and avoid shopping through pop-up ads or suspicious websites. Use a credit card. There are laws to limit your liability for fraudulent card charges. You may not have the same level of protection when using a debit card. Keep a record of your order. Retain all documentation from the order in case your purchase does not ship or if there are unauthorized charges on your bill. Check your statements. Check your purchase records against your credit card and bank statements. If there are differences, report them immediately. With the increasing threat of cyber scams and other online shopping fraud, it’s important for everyone to practice safe online behavior on Cyber Monday, throughout the holidays, and every day.