Posted by Roberta Stempfley, Acting Assistant Secretary of Cybersecurity and Communications

Small businesses are critical to the country’s economic growth, job creation and product innovation. As businesses engage in global e-commerce, they need to know how to protect themselves, their employees, and their customers against an array of information security risks. During the final week of National Cyber Security Awareness Month 2011, the Department of Homeland Security (DHS) and its partners from the public and private sector are highlighting cybersecurity resources available to small and medium-sized businesses to help protect against the increasing cybersecurity risks of theft, fraud and abuse.

Cybersecurity is a shared responsibility, and each of us has a role to play in making it safer, more secure and resilient. While the vast majority of the nation’s cyber infrastructure resides in private hands, the risks to national and economic security associated with the compromise or failure of these assets means that their protection requires a concerted public-private partnership.  Working closely with its federal partners, including the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC), the Department is helping small and medium-sized businesses to develop cybersecurity plans to protect themselves, their employees and their customers.

A new survey, released by the National Cyber Security Alliance, found that 74 percent of small and medium businesses reported cyber attacks from 2009 to 2010, which cost an average of $190,000 per attack.  However, only 52 percent of surveyed businesses had a cybersecurity plan in place. Businesses can soon use the Small Biz Cyber Planner, recently unveiled by the FCC and DHS, to develop tailored cybersecurity plans to help protect against cyber crime. 

The federal government provides business owners and operators with access to valuable cyber risk assessment tools and programs to address cyber threats. In January 2010, DHS began working with the Department of Defense and the Financial Services Information Sharing and Analysis Center (FS-ISAC) to share actionable cybersecurity threat information as well as recommended mitigations – with 14 financial sector firms.

Find out more about how to protect your business and employees by visiting our National Cyber Security Awareness Month page. To learn more about how to get involved in Awareness Month, please visit http://www.staysafeonline.org/ncsam.

Posted by Douglas A. Smith, Assistant Secretary for the Private Sector

Every day we are reminded of the importance of making the Internet safer and more secure. This is a shared responsibility, and each of us has a role to play. Emerging cyber threats require the engagement of the entire society—from the federal government and Fortune 500 Companies to the corner store. Cyberspace supports everything from the systems that keep the lights on to the networks that process credit card transactions. That’s why a safe and secure cyberspace is important to businesses of all sizes.

In support of Cyber Security Awareness Month, and in collaboration with the Detroit Regional Chamber and the Booker T. Washington Business, I recently visited Detroit to meet with local business owners and discuss how small businesses can protect themselves from cyber threats.

Assistant Secretary Smith (center) with William R. Ross, President Booker T. Washington Business Association and Sandy K. Baruah, President and Chief Executive Officer, Detroit Regional Chamber

Many ask how companies with limited resources can combat cyber crime. The Department of Homeland Security has released a number of reports and recommendations for businesses that include guidelines and frameworks for securing critical networks. While working toward greater cyber resilience can be challenging, there are also simple and free steps that every company should take to inform employees of safe online practices. These include:

• Restrict access to personal information of employees and customers to prevent identity theft.
• Be suspicious of unsolicited contact from individuals seeking internal organizational data or personal information. Verify a request’s authenticity by contacting the requesting entity or company directly.
• Immediately report any suspect data or security breaches to your supervisor and/or authorities.

While no one is immune from cyber attacks, businesses of all sizes can and should take steps to protect themselves. To find more information on some of the simple steps businesses can take to guard themselves against cybercrimes and attacks, visit http://www.dhs.gov/files/events/stop-think-connect-get-informed.shtm.

Posted by A. T. Smith, Assistant Director for Investigations, United States Secret Service

Today, I joined Department of Homeland Security (DHS) Secretary Janet Napolitano and National Protection and Programs Directorate Acting Deputy Under Secretary for Cybersecurty Greg Schaffer at NASDAQ MarketSite in New York to meet with cybersecurity partners from law enforcement and the private sector to discuss efforts to combat cyber crime.  As we’ve discussed throughout National Cyber Security Awareness Month, Internet safety is a shared responsibility and each of us has a role to play.

While our mission to protect the President of the United States and other officials is well-known, the Secret Service also has an important investigative mission to help secure our nation’s financial infrastructure. We are responsible for combating counterfeit currency as well as protecting America’s financial systems, together with our partners from federal, state, local, and tribal law enforcement agencies, the private sector and academia.

Today’s modern world is more interconnected than ever before. Yet, for all its advantages, increased connectivity brings increased risk of theft, fraud, and abuse. The Secret Service employs a number of tools to complete its mission including:

• Electronic Crimes Task Forces (ECTFs), including two international task forces, which focuses on identifying and locating international cyber criminals connected to cyber intrusions, bank fraud, data breaches, and other computer-related crimes.
• The Cyber Intelligence Section (CIS), which has directly contributed to the arrest of  transnational cyber criminals, responsible for the theft of hundreds of millions of credit card numbers and the loss of approximately $600 million to financial and retail institutions.
• The National Computer Forensic Institute (NCFI) in Hoover, Alabama that provides law enforcement officers, prosecutors, and judges with cyber training and information to combat cyber crime.  To date, more than 600 state and local law enforcement officials, 200 prosecutors, and dozens of judges representing more than 300 agencies throughout the country have been trained by the Secret Service at the NCFI.

The Secret Service is also working with our partners across DHS to leverage capabilities at the Department and across the cyber response community. DHS hosts classified cyber intelligence briefings to cleared members of the Financial Services Sector on strategies, trends and tactics of cyber criminals, as well as providing mitigation and implementation recommendations to ensure a proper network defense from evolving cyber threats.  In addition, the Secret Service works with the Financial Services Information Sharing and Analysis Center (FS-ISAC) by way of the Department’s 24-hour watching and warning National Cybersecurity and Communications Integration Center. 

Emerging cyber threats require the engagement of the entire society.  While no one is immune from cyber attacks, businesses of all sizes can and should take steps to protect themselves. To find more information on some of the simple steps businesses can take to guard themselves against cybercrimes and attacks, visit the Stop.Think.Connect. Campaign website.

Learn more about our efforts at http://www.secretservice.gov/

Posted by Doug Maughan, Director, Cyber Security Division, DHS Science & Technology Directorate

Throughout Cybersecurity Awareness Month, we have discussed the importance of making the Internet safer and more secure. This is a shared responsibility, and each of us has a role to play. Emerging cyber threats require the engagement of the entire society—from government and law enforcement to the private sector and most importantly, members of the public. Last week, the Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) received two awards for work in strengthening our nation’s cybersecurity posture.

We received a National Cybersecurity Innovation Award at the Sans Institute’s Second Annual National Cybersecurity Innovation Conference for our Domain Name System Security Extensions (DNSSEC) project , which protects the public by ensuring that websites visited are the real deal and not imposters. Phony websites steal users’ log-in names, passwords, and even money, from thousands of innocent Internet users every year. S&T’s Cyber Security Division (CSD) was recognized for its innovation in promoting research that “pays off” by focusing on work that can result in real products and real risk reduction. Moreover, the award noted that the CSD’s approach has forced the R&D community to think beyond the theoretical to consider a more practical horizon.

DHS S&T also received the Open Source for America (OSFA) 2011 Government Deployment Open Source Award for the Homeland Open Security Technology (HOST) project , which brings together technology leaders from across government and developing advanced open source security solutions that address their prioritized gaps. This award recognize projects and people that educate decision makers in the federal government about the advantages of using free and open-source software and encourage federal agencies to give equal priority to procuring free and open-source software in all of their procurement decisions. The development of the open source intrusion detection system, Suricata, was sponsored through this project and is now being sustainably maintained by industry through a non-profit foundation.

The DHS Science & Technology Directorate is leading efforts to develop and deploy more secure internet protocols that protect consumers and industry internet users. As evidenced by these awards, the Department is making significant strides to enhance the security of the nation’s critical physical infrastructure as well as its cyber infrastructure and networks.

• The Secretary's Honors Program for Cybersecurity Professionals, a two-year program that allows cyber professionals to participate in rotational assignments at various DHS component agencies to learn how each addresses cyber-related issues unique to their specific mission
• The Emerging Leaders in Cybersecurity Fellowship program, a recruiting effort to encourage students from the nation's top graduate programs to pursue careers in public service
• The Cybersecurity Internship Program, designed to give current students an opportunity to work alongside cyber leaders at the DHS
• Certification of more than 125 institutions nationwide as National Centers for Academic Excellence to teach students valuable technical skills in various disciplines of Information Assurance

Posted by Deputy Secretary Jane Holl Lute

Today’s modern world is more interconnected than ever before. Everything from online shopping to social networking to providing basic utilities requires the reliability and security of the Internet.

While increased interconnectivity has plenty of advantages, it has also increased the risk of theft, fraud, and abuse to individuals, businesses, communities, and governments.  That’s why cybersecurity is a shared responsibility, and each of us has a role to play. Emerging cyber threats require the engagement of our entire society including government and law enforcement, the private sector, and members of the public. 

Today, President Obama issued a presidential proclamation announcing the eighth annual National Cybersecurity Awareness Month (NCSAM), which has been recognized by state and local governments, as well as industry and academia.  Every October, we take the opportunity to engage public and private sector stakeholders, as well as the general public, to promote a safe, secure, and resilient cyber environment. 

This month is also the first anniversary of the Department’s Stop.Think.Connect.™ Campaign, an ongoing national public awareness effort to engage and challenge Americans to join practice and promote safe online practices.

Individuals and business can follow a few simple steps to keep themselves, their identities, and information safe online:

• Set strong passwords, and don’t share them with anyone.
• Keep your operating system, browser, and other critical software optimized by installing updates.
• Maintain an open dialogue with your children about Internet safety.
• Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
• Be cautious about what you receive or read online – if it sounds too good to be true, it probably is.

Throughout the month of October and beyond, we invite you to join us in creating a safe, secure and resilient cyberspace.

cross-posted from the White House Blog

With National Cybersecurity Awareness Month now finished, I would like to remind everyone that cybersecurity is not an issue that requires our attention only one month a year. Instead, we need to be thinking about cybersecurity every time we turn on a computer. Further, as the threat of cyber attacks continues to increase, the U.S. Government and the nation as a whole need to continue to develop and identify the young cybersecurity experts who will keep our computers and digital networks secure and resilient.

One of the ways the U.S. Government cultivates future cyber defenders is through competitions such as the U.S. Cyber Challenge. This program, which is comprised of three separate cybersecurity challenges, has the goal of identifying 10,000 young Americans with the skills to fill the ranks of cybersecurity practitioners, researchers, and leaders. The program nurtures and develops their skills, gives them access to advanced education and exercises, and where appropriate, enables them to be recognized by colleges, companies, and government departments and agencies where their skills can be of the greatest value to the nation.

One of the amazing stories from this year’s U.S. Cyber Challenge is Michael Coppola. Michael is a high school senior and is the leading point scorer through two rounds of the Netwars challenge. Despite not having much formal cybersecurity training, Michael is beating teams of adults and cybersecurity professionals, and, as you can see in the interview excerpt below, remains humble and grounded. Keep up the good work, Michael!

Q. So, Michael, what we'd really like to hear about is what it was like to participate in the NetWars competition. But for starters, how did you even find out about it?
A. In May, a news collective, Digg, pointed me to an article on Forbes.com that described the NetWars contest but didn't provide any information on how to actually participate. About a month later, a link to the contest surfaced on the 2600 news feed, and the rest is history
Q. And just out of curiosity, you're in your senior year in high school - had you already taken computer science courses at school?
A. Yes, I've taken a few, but they don't offer computer security classes. I've taken Graphic Design, Web Design and Animation, and Computer Networking and Repair. I enrolled to take Introduction to Programming this year, but they cancelled it, because they couldn't find a suitable teacher.
Q. Did you ever wonder about what you might "win" or get out of it?
A. The original flyer said something about "cyber camps," but I didn't really know what that meant. I played just to play, and if I won anything from it, then all the better.
Q. Were you surprised when you won? Did you know that the second highest score came from a TEAM of five (?) players working together?
A. I was actually very surprised to be honest. I didn't expect to win, because I assumed that the people I was competing against would be in college with formal educations. Also, I had no idea the second place contestant was in fact a team of five until you asked me!

John Brennan is Assistant to the President for Homeland Security and Counterterrorism

The lines between communications technology and information technology (IT) are getting blurrier every day. Chances are that the cell phone you carry around can do a lot more than just make a phone call. It almost certainly has the capability to send a text message; it probably surfs the web; and it can likely pinpoint your location via GPS to get you to the nearest Starbucks.

So as various communications and information technologies become more interdependent, so too does the infrastructure that supports those technologies. Telecommunications networks, cell phone towers, and control centers are just some of the cyber assets that are becoming more and more interwoven everyday.

It’s DHS’ responsibility to coordinate with the private sector, which in large part owns and operates these increasingly seamless networks and systems. We took a big step today toward making sure that we can fulfill our role of being a good partner in the event of a disaster – be it natural or manmade.

This morning, Secretary Napolitano cut the ribbon on the National Cybersecurity & Communications Integration Center (NCCIC). The NCCIC (which we say N-Kick) is a new 24-hour watch and warning center that consolidates many of the Department’s cyber and communications operations centers that respond to emergency incidents.

The NCCIC co-locates the missions and functions of several of the Department’s most important cybersecurity facilities, such as the United States Computer Emergency Readiness Team (US-CERT), the National Coordinating Center (NCC) and the National Cybersecurity Center (NCSC) – and ultimately our private sector partners. This groundbreaking center is the result of collaboration of a Joint Industry-Government Tiger Team, the National Security Telecommunications Advisory Committee, and the Government Accountability Office.

The result is one solution: a unified operations center. The NCCIC will help the department detect, prevent, respond, and mitigate disruptions of voice and cyber communications technologies.

That cell phone relies on more technology and networking than ever before. We’re working every day to keep it safe.

To learn more about the DHS’s cybersecurity efforts, visit www.dhs.gov/cyber.

Last week, the Secretary delivered remarks via webcast to talk with the American public about cybersecurity, and to answer the public’s questions on the topic. We received many more questions than the Secretary had time for that morning, but she wanted to make sure we answered as many possible.

So today, Secretary Napolitano sat down to do just that. Check out the Secretary's video below.

Cross-posted from The White House Blog.

During National Cybersecurity Awareness Month I have discussed the types of cyber threats that we face and some of the basic steps that all computer users can take to better protect themselves. This week, I’d like to address another important dimension of this shared responsibility – the role of America’s small businesses.

As the President said in his remarks for National Cybersecurity Awareness Month, the cyber threat has become one of the most serious economic and national security challenges we face as a nation. America’s competitiveness and our economic prosperity in the 21st century will depend on effective cybersecurity. This is especially true for the millions of small businesses that form the backbone of our economy. For this reason, the National Institute of Standards and Technology (NIST) at the Department of Commerce recently released a guidebook, Small Business Information Security: The Fundamentals, on cybersecurity fundamentals for small business owners. A video related to the guidebook is provided below.

View the video

As the guidebook states, “in the United States, the number of small businesses totals to over 95% of all businesses. The small business community produces around 50% of our nation’s Gross National Product (GNP) and creates around 50% of all new jobs in our country. Small businesses, therefore, are a very important part of our nation’s economy.”

However, these small businesses often do not have sufficient resources to effectively secure their cyber infrastructure. Criminals recognize this, and small businesses are more and more often becoming targets of cyber crime. The NIST guidebook helps to mitigate these risks by providing small business owners with detailed (but easy-to-understand) instructions on how to improve their cybersecurity posture.

The guidebook is divided into three sections: absolutely necessary cybersecurity practices, highly recommended practices, and other planning considerations. It includes instructions on topics such as activating and installing firewalls, securing wireless access points, and conducting online banking more securely. I recommend all business owners read this guidebook. Home users may also find many of the cybersecurity instructions useful.

To learn more about cybersecurity tips please also visit www.onguardonline.gov and www.dhs.gov/cyber.

John Brennan is Assistant to the President for Homeland Security and Counterterrorism

From Federal Computer Week, about Secretary Napolitano’s speech on Cybersecurity Month:

Homeland Security Secretary Janet Napolitano has gone online to urge private persons to help bolster the country's cybersecurity.

During a speech broadcast on the Homeland Security Department's Web site Oct. 20, Napolitano described computer security as a major scientific and technical challenge with great economic and national security implications. She said everyday people - not just the government - share the responsibility for cybersecurity.

"It's an opportunity for you as an individual to personally to contribute to our national security," Napolitano said. "Securing your home computer helps you and your family - it also helps your nation in some very important ways."

Napolitano said people should:

Install and activate firewalls for their computers and Internet connection.

Ensure that anti-virus and anti-spyware is installed and up-to-date.

Check computer settings to make sure operating systems and applications are automatically patched.

Avoid suspect Web sites, downloading suspicious documents or attachments, or opening e-mail messages from unknown persons.

Perform regular back ups.

Use strong passwords.

Educate children.

From the Washington Times, on the H1N1 vaccine:

Secretary of Homeland Security Janet Napolitano on Wednesday morning acknowledged a delay in the distribution of H1N1 vaccine but said the program should be back on schedule around December.

The Centers for Disease Control and Prevention (CDC) wanted to have 40 million doses shipped by the end of October, but will have roughly 28 million to 30 million.

Ms. Napolitano told CNN before testifying on Capitol Hill that the problem was a manufacturing delay, not a shortage.

"There will be a vaccine for everybody who wants it," she said.

From SC Magazine, on Philip Reitinger's attendance at the RSA Conference in England:

International collaboration and recruitment of experienced people is needed to win the battle against cybercrime.

Speaking at the RSA Conference Europe, the US department of homeland security(DHS) deputy undersecretary of the national protection and programs directorate Philip Reitinger, claimed that the right people are working on battling cybercrime but it needs to be vastly increased.

Reitinger said: “We need developers who work through university who learn to write code. We need to have ethically sound people, people who have a mind for the criminal, make sure that people are used to people's business but have to have the public's interest at heart.

“They need to have a blackhat perspective, and need to do threat modelling. Understanding weaknesses to do a good job of security systems. I think we are trying to invest in the right way.”

From KXO-AM El Centro, CA,on a drug seizure at the Andrade port of entry:

More than 29 pounds of cocaine worth nearly $1 million was seized Tuesday night at the Andrade port of entry.

A drug detection dog assigned to the Yuma Sector Border Patrol alerted to a California registered SUV as it attempted to enter the United States from Mexico at the Andrade port of entry. Further inspection of the vehicle led to the discovery of a compartment below the floorboards. 29.7 pounds of cocaine was found found hidden in the compartment. The vehicle , drugs and 26-year old woman driver of the SUV were all turned over to the Immigration and Customs Enforcement office.

Public Events
10 AM EDT
U.S. Immigration and Customs Enforcement Office of Investigations Deputy Assistant Director Janice Ayala and U.S. Customs and Border Protection Cargo and Conveyance Security Executive Director Todd Owen will testify about cargo threats at land ports of entry before the House Committee on Homeland Security Subcommittee on Border, Maritime and Global Counterterrorism
311 Cannon House Office Building
Washington, D.C.

UPDATE: Oct. 23rd, 11:15 a.m. The full video of the live stream has been posted on our Leadership Journal.

UPDATE: 1 :30 p.m. We will be posting the taped video of the Secretary's remarks later today. Thanks to everyone for your participation and for the terrific questions.
________

Head over to our LIVE page now to watch Secretary Napolitano deliver remarks on cybersecurity.

You can also submit questions for the Secretary during her address.

So here's a first...

Tune in tomorrow to dhs.gov at 11:00 AM EDT for an exclusive live address from Secretary Napolitano on cybersecurity. We will broadcast her remarks at dhs.gov, and you can submit a question for the Secretary to answer during her address.

The Secretary will talk about our shared responsibility for staying safe online, and the department's leadership role in cybersecurity.

Check it out tomorrow at 11:00 AM EDT.

Cross-posted from the White House Blog

In my last blog post, I linked to President Obama’s proclamation announcing the start of National Cybersecurity Awareness Month. This week, I would like to discuss in more detail the cyber threats that we are facing as a Nation and as individuals. A key theme for this month is that cybersecurity is "our shared responsibility." Each one of us must take the time to increase our awareness of the cyber risks that are present every time we turn on our computers.

Just the other day, the media was breaking a story about the latest generation of malicious software designed to steal money from bank accounts. This "bank Trojan," called URLzone provides a sophisticated interface for managing theft from numerous accounts and deceives the account owner with false statements.

For years, research institutions have noted a steady increase in number of malicious programs that are being used to exploit the vulnerabilities of our computers. A vast percentage of all e-mail is spam, which tries to lure us into downloading software, visiting an infected website or social networking account, or even making a phone call in order to get us to reveal information useful for identity theft or to steal money. Many of these malicious actors are now sending out fake emails from the Internal Revenue Service.

Sophisticated cyber criminals are bypassing individual computer users and are attacking financial institutions. To them, the motivation is simple. Why steal one bank account record when you can steal millions? Fortunately, our law enforcement agencies have had some remarkable successes against key groups responsible for cyber attacks. Just last week, nearly 100 people were arrested in the United States and Egypt on charges of computer fraud, conspiracy to commit bank fraud, money laundering, and aggravated identify theft. Last month the U.S. Government convicted the individual responsible for the theft and sale of more than 40 million credit and debit card numbers from numerous U.S. retailers with losses of more than $21 billion. You can learn more about federal law enforcement efforts in combating cyber crime here, here, and here.

And then there are the botnets, which are large numbers of compromised computers that are controlled remotely by criminals or other malicious actors. Some computer experts have estimated that one quarter of all personal computers are part of a botnet. The Conficker worm has been around for about a year and has managed to spread into millions of machines through network connections and portable media such as thumb drives. These botnets appear to be used primarily for supporting criminal activities such as spam, but we worry that such large botnets could be used to launch unprecedented denial-of-service attacks against banking, government, or other important websites.

As you can see, the cyber threat is quite real. Every day dozens of Federal departments and agencies work with their industry partners to help mitigate these threats. And while we have made great strides thwarting the efforts of cyber criminals, more needs to be done. Next week, I will write more about the basic cybersecurity tips that every computer user should know and adopt.

John Brennan is Assistant to the President for Homeland Security and Counterterrorism

Cross-posted from the White House Blog

Today, per a Presidential Proclamation and a Senate Resolution, marks the start of the sixth annual National Cybersecurity Awareness Month. As stated in the President’s Cyberspace Policy Review, cybersecurity is a national priority and is vital to our economy and the security of our nation. The financial industry, our government networks, and your home computers are under continual attack from a variety of malicious actors, including domestic hackers, international organized crime rings, and foreign intelligence agencies. They are stealing your identities and financial information, sensitive government data, and proprietary industry information. As President Obama stated in his May 29th speech, "America's economic prosperity in the 21st century will depend on cybersecurity."

However, there is much that we can do to reduce our vulnerability and improve our resilience to cyber attacks, and we call on all Americans this month to recognize their role in improving the nation’s cybersecurity. One of the themes for this year’s National Cybersecurity Awareness Month is that cybersecurity is a shared responsibility. This refers to the fact that government, industry, and the individual computer user must all play a role in securing our information networks and data. Public-private partnerships are critical to these efforts, and one example of this partnership is the National Cybersecurity Alliance. This joint industry and government organization provides a variety of information on National Cybersecurity Awareness Month activities. Further, the National Association of State Chief Information Officers (NASCIO) provides information on cybersecurity efforts happening within your state.

During the month of October, I will be posting additional information on this blog regarding a variety of cybersecurity topics, including Cyber Threat, Cybersecurity Tips for the Home User, and Cybersecurity Careers.

Please check back here weekly for additional cybersecurity information.

John Brennan is the Deputy National Security Advisor and Assistant to the President for Homeland Security and Counterterrorism

Everyone thinks about cybersecurity now and then. Whether you’re setting up your business’ website, or opening a new checking account, or sitting down with your child to get on the internet; it’s an issue that affects all of us. Cybercrimes and the security of our private and government cyber infrastructure are critical parts of the department’s mission to secure our homeland – by making sure that we are all safer online.

October is National Cybersecurity Awareness Month, and the Secretary was joined this morning by Deputy Secretary of Defense William J. Lynn III, White House National Security Staff Acting Senior Director for Cybersecurity Chris Painter, Deputy Under Secretary for NPPD and Director of the National Cybersecurity Center Phil Reitinger, and Director of the Secret Service Mark Sullivan at an event here in Washington, D.C. to kick it off. During the event, Secretary Napolitano took the opportunity to announce the department’s new authority to recruit and hire up to 1,000 cybersecurity professionals across DHS to fill critical roles – including cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering.

“Effective cybersecurity requires all partners—individuals, communities, government entities and the private sector—to work together to protect our networks and strengthen our cyber resiliency,” said Secretary Napolitano. “This new hiring authority will enable DHS to recruit the best cyber analysts, developers and engineers in the world to serve their country by leading the nation’s defenses against cyber threats.”

• Make sure that you have anti-virus software and firewalls installed, properly configured, and up-to-date. New threats are discovered every day, and keeping your software updated is one of the easier ways to protect yourself from an attack. Set your computer to automatically update for you.
• Update your operating system and critical program software. Software updates offer the latest protection against malicious activities. Turn on automatic updating if that feature is available.
• Back up key files. If you have important files stored on your computer, copy them onto a removable disc and store it in a safe place.

Endorse - Demonstrate your commitment to cybersecurity.

• Create a section for cybersecurity on your organization's Web site.
• Add a signature block to your e-mail:"October is National Cybersecurity Awareness Month. Stay Safe Online!
• Find more resources at US CERT.

Educate - Find out what more you can do to secure cyberspace and how you can share this with others.

• Participate in the National Cyber Security Alliance Cyber Security Awareness Volunteer Education (C-SAVE) Program and help educate elementary, middle, and high-school students about Internet safety and security.
• Review cybersecurity tips with your family.
• Use regular communications in your business—newsletters, e-mail alerts, Web sites, etc.—to increase awareness on issues like updating software processes, protecting personal identifiable information, and securing your wireless network.

Check out the new Cybersecurity Awareness Month page on dhs.gov to learn more, and stay tuned throughout the month.