North Carolina is joining other states, government agencies, businesses and individuals in a worldwide effort to encourage the public to stay safe online by protecting their online data and privacy.
Gov. Roy Cooper has proclaimed October National Cybersecurity Awareness Month to bring awareness to the impact cybersecurity threats and breaches have on the public and the state.
“Every North Carolinian must be vigilant against cyberattacks, but to do so they must be equipped with the awareness and education to maintain quality cybersecurity practices,” Gov. Cooper said. “I have proclaimed October National Cybersecurity Awareness Month to promote best practices in cybersecurity that will keep our state safe from these attacks.”
“No one is immune from a cyberattack,” said Eric Boyette, state chief information officer and secretary of the N.C. Department of Information Technology. “While the state is proactive in helping keep state data secure, cybersecurity protection is the responsibility of all North Carolina residents. Education and awareness are the best ways to help avoid becoming a victim.”
This year’s Cybersecurity Awareness Month theme – “Own IT. Secure IT. Protect IT.” – focuses on personal accountability and proactive behavior by “being cybersmart.” It’s three tenets are:
- Own IT. Take proactive steps to ensure the information you’re sharing online and giving out is secure. Be familiar with and routinely check privacy settings. Avoid the use of free or open Wi-Fi networks, which cybercriminals often exploit.
- Secure IT. Create strong, unique passwords. Turn on multi-factor authentication, when possible. Know how to use the security features of the devices you use every day. Learn how to spot and avoid email scams.
- Protect IT. Understanding how to keep your information safe will help protect you from cybercrime. Practice good “cyber hygiene” habits at home and at work. Update to the latest security software, web browsers and operating systems.
Follow the N.C. Department of Information Technology on Facebook, Twitter and LinkedIn for tips and best practices throughout the month, or visit https://www.staysafeonline.org
Cybersecurity Awareness Month comes as state and local governments across the country, including North Carolina, have recently fallen victim to cyberattacks. Many of these attacks generally occur as a result of users falling for email scams, which have become more sophisticated.
“Cybersecurity is a top priority in North Carolina, not just in October but all year long,” said State Chief Risk Officer Maria Thompson, who leads NC DIT’s efforts to educate users, protect privacy and combat cyberattacks.
“Our data is under constant attack, and although we have many controls in place to protect data, we rely heavily on end-users to play their part and practice good cybersecurity habits,” she said. “We need everyone to understand that we are all cyber warriors and play a crucial role in the prevention of cyberattacks.”
So where to start?
Thompson urges everyone to begin by following these basic tips and then seek out additional information online at https://www.staysafeonline.org and https://www.stopthinkconnect.
- Be suspicious of unsolicited emails. Whether it’s a request for donations or just information about the people in your family or agency, cybercriminals can use details you provide in elaborate scams.
- Don’t hesitate to follow up. Even if you know and trust the sender, contact them by phone or in person if an email seems out of the ordinary or is a request for money or sensitive information.
- Think before you click. Links and attachments in suspicious emails could compromise your online security and that of your company. If there’s any doubt, check with the sender first.
- Pay attention to website URLs. Malicious websites can look identical to trusted sites, but the URL might use a different spelling or domain (e.g., .com vs. .net).
- Protect your personal information. Avoid sending sensitive, personal identifiable information (e.g., Social Security numbers) or passwords in email – regardless of the recipient – unless encryption is used.