It's national cybersecurity awareness month… who knew?
November 2013 Update
IN THIS ISSUE
Looking Back at National Cyber Security Awareness Month Keystone Events
DHS Component Spotlight: US-CERT
Stay Cyber Safe on Cyber Monday
Partner Spotlight: Infragard
Looking Back: National Cyber Security Awareness Month Key Events
Cyber Security Awareness Month (NCSAM) featured a wide range of events
hosted by the Department of Homeland Security (DHS) and the
Stop.Think.Connect.™ Campaign’s co-leader the National Cyber Security
Alliance (NCSA), as well as National Network and Cyber Awareness
Coalition partners, and federal, state, and local government partners
and private sector organizations. Below is a recap of the key events
that took place during NSCAM 2013.
NCSAM Kick-Off Event: Boston, Massachusetts
year’s NCSAM kick-off event took place at the Federal Reserve Bank in
Boston, Massachusetts. State Senator Robert Hedlund and Secretary for
the Executive Office of Finance and Administration Michael Shor
delivered opening remarks, discussing the steps Massachusetts is taking
to increase its cybersecurity posture. NCSA Executive Director Michael
Kaiser was also on hand to talk about the 10th anniversary of NCSAM.
After the opening remarks, a panel session focused on the advances in
and evolving issues related to cybersecurity during the last 10 years,
and looked ahead to what the next 10 years might bring. Approximately
150 people attended, representing federal, state, and local governments
and private industry.
Online Privacy Event with Nev Schulman: Los Angeles, California
Catfish producer and Campaign partner Nev Schulman and McAfee Chief
Privacy Officer Michelle Dennedy talked with students at Gertz-Ressler
High School in Los Angeles about the importance of practicing safe
online behavior and knowing who you are talking to online. A post-event
interview with Nev was featured on Red Carpet Report TV. The Campaign and NCSAM were also mentioned in an US Weekly article about the Catfish television show. View videos of the event at the StaySafeOnline YouTube page.
NASDAQ Opening Bell Ceremony: New York, New York
For the third year in a row, the NASDAQ Opening Bell Ceremony was dedicated to NCSAM. Representatives from theFederal
Government, private sector, and cyber organizations were on hand to
help ring the opening bell. Attendees included DHS Acting Secretary Rand
Beers, DHS Deputy Under Secretary for Cybersecurity Phyllis Schneck,
White House Senior Director for Cybersecurity Andrew Ozment, Department
of Commerce Deputy Secretary Patrick Gallagher, NCSA Director Michael
Kaiser and Board Member Andrew Lee, as well as representatives from
several Fortune 500 companies. After the ceremony, a panel session
discussed the importance of strong cybersecurity practices in business
and how executives can help manage cyber risks.
Cyber Crime Event: Chicago, Illinois
NCSAM Cyber Crime keystone event was sponsored by National Network
partner InfraGard and focused on the importance of preventing cyber
crime. DHS Deputy Under Secretary for Cybersecurity Phyllis Schneck
discussed DHS’ efforts to protect against and respond to cyber crime,
including the work carried out by the National Cybersecurity and Communications Integration Center (NCCIC) and its operational branches, the U.S. Computer Emergency Readiness Team (US-CERT) and the Industrial Control Systems Computer Emergency Response Team (ICS-CERT). Additionally, Deputy Under Secretary Schneck talked about the U.S. Immigration and Customs Enforcement (ICE) Cyber Crimes Center (C3), which provides cyber
crime support and training to federal, state, local, and international
law enforcement agencies. Schneck also discussed the Campaign’s yearlong
focus on general cybersecurity awareness and guidance, and highlighted
National Network partners such as InfraGard and the International
Association of Chiefs of Police (IACP) for their good work promoting
cybersecurity education and awareness.
speakers included the United States Secret Service (USSS) Assistant
Director for Investigations Paul Morrissey, USSS Chicago Field Office
Senior Agent Frank Bennedetto, InfraGard Chicago Members Alliance
President Paul Sands, NCSA Executive Director Michael Kaiser, White
House Cybersecurity Coordinator Michael Daniel, IACP representative
David Roberts, Cook County Department of Homeland Security and Emergency
Management Executive Director Michael Masters, and U.S. Bank Chief
Information Security Officer Jason Witty. They delivered remarks about
the state of cyber crime and the importance of cybersecurity education
and awareness to thwart cyber threats. A panel session featuring
leadership from DHS, law enforcement, and industry engaged in a candid
conversation about cyber crime trends and shared best practices to
thwart cyber threats. After the panel, the USSS Chicago
Electronic Crimes Task Force demonstrated how easily hackers can exploit
Internet-connected devices. The USSS set up a fake “free Wi-Fi” hotspot
that morning for the Aon Center, where the event was hosted. Many
participants connected to the hotspot, believing it to be the convention
center’s legitimate wireless network.
Cybersecurity Costs and Solutions Conference: Washington, DC
Government sponsored the Cybersecurity: Costs and Solutions Conference
to discuss the cyber risks around the Nation’s critical infrastructure
and the high costs of protecting against cyber threats. Among other
speakers, DHS Undersecretary for the National Protection and Programs
Directorate (NPPD) Suzanne Spaulding and White House Cybersecurity
Coordinator Michael Daniel participated on a panel session, “Risk and
Response: A National Cyber Strategy.” Spaulding and Daniel discussed the
currently in-development Cybersecurity Framework for critical
infrastructure and the forming of a voluntary program to assist industry
in their cyber risk management efforts. Watch a full replay of the event.
DHS Component Spotlight: United States Computer Emergency Readiness Team (US-CERT)
threats and vulnerabilities are constantly changing and evolving. The
United States Computer Emergency Readiness Team (US-CERT), a branch of
the National Cybersecurity and Communications Integration Center
(NCCIC), is an operational unit that collects, analyzes, and shares
information about cyber incidents and threats to the Nation’s Internet
24 hours a day, seven days a week, US-CERT staff engage in a variety of
initiatives to collect, analyze, and distribute data. US-CERT focuses
on network analytics, threat analysis and information sharing, digital
analytics, operations, communications, and international operations.
part of its threat analysis and information sharing efforts, US-CERT
operates the National Cyber Awareness System (NCAS). Through the NCAS,
US-CERT distributes timely alerts on cyber threats and weekly bulletins
on vulnerabilities. US-CERT also developed and maintains a current activity
page with summaries of high impact, frequently occurring security
incidents. Between March 2012 and February 2013, more than 60,000
incidents were reported to US-CERT, and US-CERT published over 10,000
alerts and advisories.
US-CERT collects information in a variety of ways. Anyone can submit an incident or report a software vulnerability
through the US-CERT website. US-CERT also operates the Einstein 2
system, which is installed in Federal Government computers and can
automatically detect and alert users about malicious
activities/intrusions. US-CERT also analyzes the data collected by
also shares information with international partners, including several
countries that are part of the International Watch and Warning Network
In addition to incident reporting, the US-CERT website (www.us-cert.gov) features cybersecurity tips, guidance, and links to other government resources.
Stay Safe on Cyber Monday
tired or full of turkey to go shopping at 5:00 AM on Black Friday?
Thankfully, Cyber Monday has become an internationally known day for
holiday shopping online. Most major retailers have embraced Cyber Monday
and are offering great deals for people who would rather do their
holiday shopping from the comfort of their homes. Cyber Monday has
become so popular that last year, consumers spent over $1.45 billion on
Cyber Monday, and this year Fed-Ex is expecting to ship over 22 million packages on Monday, December 2, which would make it the busiest day in Fed-Ex history.
To keep yourself safe, apply these everyday cybersecurity tips when shopping online:
Keep a clean machine. Make sure your
software, operating system, and antivirus programs are all updated. This
will help your computer fight against viruses and malware that can be
sent through emails, links, and websites.
Connect with care. Try not to do any
online shopping on unsecure wireless networks, such as places with
public and free Wi-Fi. Do your online shopping at home, and make sure
your home wireless network is password protected.
Be cautious online. Do not click on
suspicious links or download items from unknown sources. Do not click on
links from pop-up ads. Do not follow unsolicited web links in email and
Pay attention to website URLs. Malicious
websites may look identical to a legitimate site, but the URL may use a
variation in spelling or a different domain (for example, the malicious
site may use .net instead of .com). Also look in the address box for
https:// before any transaction. Unlike http:// URLs, https:// tells you
that the site is taking extra measures to secure your information.
Set strong passwords. Especially
for sensitive online accounts (such as online banking), make sure your
passwords are complex and unique to each account. Change your password
often, and do not set passwords that will be easy for cyber criminals to
guess. A good rule of thumb is to create passwords with eight
characters or more that use a combination of numbers, letters, and
Don’t believe everything you see. While
many retailers are offering great deals on Cyber Monday, there will also
be deals that are just too good to be true. So before you buy that new
iPad for only $50, be sure to shop only on the websites of trusted,
major retailers, and avoid shopping through pop-up ads or suspicious
Use a credit card. There are laws to limit
your liability for fraudulent card charges. You may not have the same
level of protection when using a debit card.
Keep a record of your order. Retain all documentation from the order in case your purchase does not ship or if there are unauthorized charges on your bill.
Check your statements. Check your purchase records against your credit card and bank statements. If there are differences, report them immediately.
the increasing threat of cyber scams and other online shopping fraud,
it’s important for everyone to practice safe online behavior on Cyber
Monday, throughout the holidays, and every day.