Cybersecurity Awareness Month: What Will You Do?

October is Cybersecurity Awareness Month! DATCP is partnering with the Wisconsin Department of Administration and Wisconsin Emergency Management, part of the Wisconsin Department of Military Affairs, to promote four cybersecurity practices that consumers can add to their everyday routines.

Everyone benefits from improved online and device security, both for personal and organizational use. Technology is always improving and changing, which means our security measures have to constantly adapt as well. These tips are recommended by the Cybersecurity & Infrastructure Security Agency (part of the federal Department of Homeland Security) and the National Cybersecurity Alliance:

· Update your software regularly to fix security risks.

o Updates make improvements and resolve bugs, but also patch holes in security systems that can be exploited by bad actors.

o Security fixes are rolled out as soon as possible after issues are found. The longer you postpone an update, the more opportunity you provide bad actors to take advantage of that weak point.

o Establish a habit of checking for updates and do them right away, or set the notification feature on your device to learn when updates are available.

· Create different, strong passwords for each account.

o Reusing a single password can put all your accounts at risk. For example, if a scammer gains access to your Facebook account, they can see your email address and try logging into it using your Facebook password. Once they access your email account, they can check your messages to learn what other accounts you have and try your password there too.

o Strong passwords are also key! Consider using a “passphrase” or password manager program. A passphrase is long and unique to you – easy for you to remember, but very hard for others to guess – and adds a few numbers or special characters to add complexity. For example, you could replace an E with a 3 or add a question mark between words.

· Enable multi-factor login authentication (MFA or Two Factor Authentication).

o Multi-factor authentication is available for most online accounts. It adds an extra step to logging in that only takes a few seconds, but keeps your login secure – even if a scammer knows your password.

o How it works: You are sent a short code through a text, email, app, or physical token that you must enter when logging into your account. You receive new codes every time you log in.

o Sometimes, you don’t need to enter a code, and instead must click a button on a MFA app confirming it’s you.

o Think of it as having a deadbolt on the front door along with the door lock.

· Recognize and report phishing attempts.

o Phishing is still the most common way scammers gain access to people’s private information. A scammer sends you a message pretending to be a trustworthy source, and asks for your info – usually passwords or personally identifiable information – hoping you send it willingly.

o Most email and cell service providers have built-in report options for phishing and scams. Use them.