TINKER AIR FORCE BASE, Okla. -- In continuing with the message of “Own IT. Secure IT. Protect IT.” for National Cybersecurity Awareness Month, this article will address reducing mission cyber risks by protecting information.
“Airmen are constant targets for cybersecurity attacks by criminal actors and adversaries at home and at work,” said William Marion, the Air Force deputy chief information officer, in the 2019 NCSAM observance memo. “We are responsible as Airmen to #BeCyberSmart, enable mission success and help ensure the safety of all Airmen. Your knowledge of proper cybersecurity practices is vital to ensure that our missions succeed.”
As reported by the Office of the Chief Information Security Officer, so far in 2019 there have been almost 4,000 cybersecurity breaches exposing over 4.1 billion records and costing hundreds of millions of dollars for businesses, medical facilities and educational institutions.
“A breach to Air Force networks, systems or platforms could cost more than just money; it could jeopardize mission success and endanger the lives of our fellow Airmen,” said Marion. “Cybersecurity is everyone’s responsibility and all Airmen need to stay vigilant. Our adversaries are constantly trying to penetrate our cyberspace defenses and exploit any vulnerabilities. The Office of the Chief Information Security Officer’s goal with the National Cybersecurity Awareness Month is to increase Total Force awareness to help protect USAF core missions.”
Keep the following tips in mind when accessing Air Force network devices:
1. Protect your passwords/protect your PII.
2. Always log off/never leave devices (CAC/SIPR token) unattended.
3. Avoid phishing scams and suspicious messages received via emails or embedded links contained in emails, social media, texts or phone calls.
4. Install/update anti-virus protection.
5. Be aware of virus attacks and network responses. Keep a copy of the Computer Emergency Quick Response Aid (reference AFI 17-203 – Cyber Incident Handling) near your phone and computer for actions to take and reporting procedures if an incident occurs.
6. Properly handle and mark external media (CDs/hard drives.)
7. Digitally sign and encrypt emails when necessary.
8. Read the terms of service and agreements.
9. Install software updates and patches as available.
10. Maintain a clean desk to avoid inadvertently displaying data that could potentially be comprised.
Article source: Department of Homeland Security, National Initiative for Cybersecurity Careers and Studies: https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019