2024 Cybersecurity Awareness Campaign
Don't Get Hooked!
don't_get_hooked.mp4
October is Cybersecurity Awareness Month, an international initiative that educates everyone about online safety and empowers individuals and businesses to protect their data from cybercrime.
Even amidst large-scale data breaches and cyberattacks, Cybersecurity Awareness Month reminds everyone that there are simple, effective ways to keep yourself safe online, protect your data, and ultimately help secure our world!
The theme of Cybersecurity Awareness Month is "Secure Our World!" This initiative reminds us that there are simple actions we can take every day to protect ourselves, our families, and businesses from online threats.
Cybersecurity Awareness Month focuses on the top four ways to stay safe online:
Use strong passwords and a password manager
Turn on multifactor authentication
Recognize and report phishing
Update software
Cybersecurity Awareness Month continues to build momentum and impact with the goal of providing everyone with the information they need to stay safe and more secure online.
ETS is proud to support this critically important online safety awareness and education initiative, led by the Cybersecurity and Infrastructure Security Agency and the National Cybersecurity Alliance.
For more information about Cybersecurity Awareness Month 2024 and how to participate in a wide variety of activities, visit cisa.gov/cybersecurity-awareness-month and staysafeonline.org/programs/cybersecurity-awareness-month/.
You can also follow and use the hashtag #CybersecurityAwarenessMonth and #SecureOurWorld on social media throughout the month.
Q&A with the ETS Security Team | State Capitol Auditorium, October 30th, 2-4 pm
Got questions about cybersecurity that keep you up at night? (Or maybe just make you roll your eyes?)
Join the ETS Security team for our first-ever Cybersecurity Q&A on October 30th from 2:00 PM - 4:00 PM at the State Capitol Auditorium.
We'll tackle your burning questions (like "What is a phishing scam anyway?"), bust some myths (no, you don't need to be a tech whiz to be cyber-safe), and even share a few funny cybersecurity jokes (because laughter is the best defense...after a strong password, of course).
Whether you're a tech whiz or just trying to keep your inbox safe from Nigerian princes, this event is for you. We'll have experts on hand to offer practical tips and answer all your questions, from the simple to the downright perplexing.
Here's what you can expect:
Expert insights: Get advice straight from the ETS Security team.
Myth-busting: Learn the truth about common cybersecurity misconceptions.
Practical tips: Discover simple ways to protect yourself and the state.
Q&A session: Get answers to your most pressing cybersecurity questions.
Don't miss out on this chance to get the inside scoop on cybersecurity - and even win a prize or two!
Space is limited, so sign up today to secure your spot!
Can't make it in person? Join us online!
CISO Coin Giveaway Challenge!
When you take the KnowBe4 training during October, you'll be entered into a drawing to win one of five limited-edition CISO coins!
Quadruple your chances and take all four trainings! These coins are a unique symbol of your commitment to cybersecurity and a great conversation starter. Contest ends October 31st, 2024.
Also, keep a close eye on your inbox throughout the month for a mystery challenge that will offer three lucky winners the chance to win one of three additional coins!
CISO Coin - Front
CISO Coin - Back
Congratulations to the winners of our limited edition CISO coins!
Your dedication to cybersecurity is making a real difference in keeping our state secure. Thank you for all you do.
KnowB4 Training Winners:
Cassandra Woster—State Parks & Cultural Resources
Shawn Smith—DOC (Riverton)
Paul Schurman—DOT (Rock Springs)
Phishing Emails Winners:
Brian Greene—State Library (Cheyenne)
Manhattan Jehlicka—DFS (Casper)
Don't Take the Bait: How to Spot and Stop Phishing Attacks
It's the perfect time to brush up on your phishing detection skills!
Phishing attacks are like digital fishing expeditions where cybercriminals cast out lures (fake emails, texts, or websites) hoping to hook unsuspecting victims and reel in their personal information.
We may open what we thought was a safe email, attachment or image only to find ourselves exposed to malware or a scammer looking for our personal data. The good news is we can take precautions to protect our important data. Learn to recognize the signs and report phishing to protect devices and data.
Recognize the Red Flags
Suspicious Sender: Is the email from a recognizable source? Be wary of unfamiliar senders or slight misspellings in email addresses.
Urgent or Threatening Language: Phishing emails often create a sense of urgency or fear, pressuring you to act quickly without thinking.
Too Good to be True Offers: If it sounds too good to be true, it probably is. Be skeptical of emails promising prizes, lottery winnings, or incredible deals.
Grammar and Spelling Errors: Legitimate organizations usually have good quality control. Numerous errors are a red flag.
Requests for Personal Information: No reputable organization will ask for your passwords, Social Security number, or banking details via email or text.
Suspicious Links or Attachments: Hover your mouse over links to see the actual destination. Don't click on links or open attachments from unknown senders.
Avoid Getting Hooked
Think Before You Click: Take a moment to consider the email's legitimacy before clicking anything.
Verify the Sender: If you're unsure, contact the organization directly using a known phone number or website, not the information in the email.
Check the Website Address: Look for "https" and a padlock icon in the address bar to ensure the website is secure.
Be Wary of Public Wi-Fi: Avoid accessing sensitive information on public Wi-Fi networks.
Enable Two-Factor Authentication: This adds an extra layer of security to your accounts.
Keep Your Software Updated: Updates often include security patches that protect against phishing attacks.
What to Do if You Suspect Phishing
Don't Click or Reply: Avoid interacting with the suspicious email or text in any way.
Report the Phishing Attempt:
To your email provider: Most email providers have a "report phishing" button.
To the Anti-Phishing Working Group: Forward the email to reportphishing@apwg.org.
To the Federal Trade Commission (FTC): Report the incident at ReportFraud.ftc.gov.
Delete the Message: Remove the phishing email or text from your inbox or phone.
Stay vigilant and remember: When in doubt, throw it out!
By recognizing the signs of phishing, following these tips, and taking the proper steps to report it, you can help protect yourself and others from falling victim to these scams.
Don't Get Bitten by the Bug: Why Software Updates Are Your First Line of Defense
Outsmart those pesky cybercriminals!
While strong passwords and a healthy dose of online skepticism are essential, one weapon in your cybersecurity arsenal that often gets overlooked is software updates.
Think of your software as a castle. Over time, cracks appear in the walls, and invaders (aka hackers) are constantly searching for those weaknesses. Software updates are like the stonemasons, diligently patching those cracks and reinforcing the defenses to keep the bad guys out.
Why should you care about these digital stonemasons?
Why should you care about these digital stonemasons?
Slamming the Door on Hackers: Updates fix security vulnerabilities that hackers exploit to steal data, install malware, and wreak havoc.
Performance Boost: Updates aren't just about security; they often include performance enhancements, making your devices run smoother and faster.
Shiny New Features: Updates often bring cool new features and improvements to your favorite apps and software.
Playing Nice with Others: Updates ensure compatibility, so your software works seamlessly with other programs and operating systems.
Technology providers issue software updates to “patch” security weak spots as quickly as possible. If we don’t install them, they can’t protect us!
Update Today, Don't Delay!
Update Today, Don't Delay!
Ignoring updates is like leaving the drawbridge to your castle permanently lowered – a risky move in a world of digital dragons.
Luckily, updating is usually quick and easy:
Automate It: Enable automatic updates whenever possible.
Check Regularly: Manually check for updates at least once a month.
Don't Dismiss Those Reminders: Those update notifications are your digital allies, not annoyances!
When we see an update alert, many of us tend to hit “Remind me later.” Think twice before delaying a software update! Keeping software up to date is an easy way to stay safer online.
This Cybersecurity Awareness Month, take charge of your digital security. Keeping your software updated is a small step with a significant impact, protecting your data and devices from those lurking in the digital shadows.
Double Down on Security with Multifactor Authentication
In today's digital landscape, where cyber threats lurk around every corner, protecting your online accounts is paramount. As we observe Cybersecurity Awareness Month this October, let's shine a spotlight on a crucial security measure that can significantly enhance your online defenses: Multifactor Authentication (MFA).
What is MFA?
MFA, also known as two-factor authentication (2FA), adds an extra layer of security to your online accounts by requiring multiple forms of verification to prove your identity. It's like having a second lock on your door – even if someone manages to pick the first lock (your password), they'll still need the second key to gain entry.
Why MFA Matters
While strong passwords are essential, they are no longer sufficient on their own. Cybercriminals employ sophisticated tactics like phishing, social engineering, and data breaches to steal passwords. MFA acts as a safety net, making it significantly harder for unauthorized users to access your accounts, even if they have your password.
How MFA Works
MFA typically involves two or more of the following factors:
Something you know: This is usually your password or PIN.
Something you have: This could be a physical token, a smartphone app, or a security key.
Something you are: This involves biometric verification, such as a fingerprint or facial recognition.
When you log in to an account with MFA enabled, you'll be prompted to provide additional verification after entering your password. This could involve entering a code sent to your phone, using a fingerprint scanner, or approving the login attempt through an app.
The Benefits of MFA
Enhanced security: MFA significantly reduces the risk of unauthorized access, even if your password is compromised.
Peace of mind: Knowing that your accounts have an extra layer of protection can alleviate anxiety about online security.
Easy implementation: Many online services and platforms offer MFA options, and enabling it is usually a straightforward process.
MFA in Action
Imagine a scenario where a cybercriminal manages to obtain your password through a phishing scam. Without MFA, they could easily access your email, social media accounts, or even your bank accounts. However, with MFA enabled, they'll hit a roadblock. They'll need that second factor – a code from your phone, your fingerprint, or another form of verification – to proceed. In most cases, they won't have it, and your accounts remain secure.
Don't Wait, Activate
This Cybersecurity Awareness Month, take a proactive step towards bolstering your online security by turning on MFA wherever possible. It's a simple yet powerful tool that can make a world of difference in protecting your digital life. Remember, in the ongoing battle against cyber threats, every layer of defense counts.
The Power of Strong Passwords and Password Manager
In the digital age, where our lives are increasingly intertwined with online platforms and services, the importance of robust cybersecurity practices cannot be overstated. As we observe Cybersecurity Awareness Month this October, let's delve into the critical role of strong passwords and password managers in safeguarding our digital identities and sensitive information.
The Perils of Weak Passwords
Weak or easily guessable passwords are a cybercriminal's dream. They provide a gateway to our personal and professional accounts, potentially leading to identity theft, financial loss, and data breaches. Birthdays, pet names, and simple numerical sequences are prime examples of passwords that should be avoided at all costs.
The Anatomy of a Strong Password
A strong password is like a fortress wall, protecting your digital assets from unauthorized access. To construct such a formidable defense, consider these key elements:
Length: The longer the password, the harder it is to crack. Aim for a minimum of 16 characters, but longer is always better.
Randomness: Use a random string of letters (capitals and lowercase), numbers, and symbols (the strongest!)
Uniqueness: Each account should have its unique password. Reusing passwords across multiple platforms creates a domino effect, where a breach in one account compromises all others.
The Password Manager Advantage
Remembering a multitude of complex passwords can be a daunting task. This is where password managers come to the rescue. These encrypted digital vaults securely store your passwords, allowing you to access them with a single master password. Password managers also generate strong, unique passwords for each account, eliminating the need to rely on your memory or resort to weak, easily guessable combinations.
Key benefits of using a password manager:
Enhanced security: Eliminates the risk of reusing passwords and simplifies the creation of strong, unique passwords.
Convenience: Stores all your passwords in one secure location, accessible with a single master password.
Efficiency: Autofills login credentials, saving you time and effort.
Portability: Access your passwords across multiple devices.
Cybersecurity is an ongoing process, and strong passwords and password managers are fundamental tools in this endeavor. By taking proactive steps to safeguard our digital lives, we can navigate the online world with confidence and peace of mind. Remember, a strong password is not just a string of characters but a shield protecting your valuable information.