A Message from Max Everett, DOE Chief Information Officer
Colleagues, I am so pleased to have been able to kick off the 15th annual National Cybersecurity Awareness Month (NCSAM) for DOE with a webinar on October 3, 2018. I feel strongly about the shared role of everyone in this Department and across the country in protecting themselves and the Nation with strong cyber hygiene practices. NCSAM is a nationwide collaborative event led by the National Cyber Security Alliance and the U.S. Department of Homeland Security that helps Americans better understand and avoid various risks we face when using digital technology and the Internet. DOE is proud to be a federal partner in this critical awareness initiative.
Cyberspace touches every aspect of our daily lives. It includes the broadband and wireless signals around us; the local networks in our schools, hospitals, and businesses; and the interconnected and increasingly digitized energy infrastructure that power it all. While these technological advances lead to amazing transformation, they also increase the significance and complexity of our shared risk. Our nation’s well-being relies upon secure and resilient critical infrastructure to include assets, systems, and networks that support the American ecosystem. As DOE colleagues, we all play a crucial role in securing our critical infrastructure from cyber threats, and we take this responsibility seriously. Across this Department, activities are underway daily to ensure a cyber-secure workplace, protect privileged information, and build a highly skilled cyber workforce.
Specifically, the Department’s Cybersecurity Strategy prioritizes enterprise initiatives supporting the 2018 National Cyber Strategy, which was issued by the White House on September 20th. The national strategy is ground-breaking statement of the administration’s plans for protecting the country against cyber threats and strengthening the United States’ defensive capabilities. Departmental programs like High Value Asset management, multi-factor authentication, and continuous diagnostics and mitigation help cybersecurity personnel across the Department protect and defend agency information assets. However, like links in a chain, effective cybersecurity requires everyone’s full participation and awareness. No matter how effective—or expensive—security tools are, an entire network can be compromised by a single careless user. As a DOE employee, you must be vigilant against cyber threats, apply prescribed and common-sense practices, and always remember that you share the responsibility of protecting critical agency assets.
Your attention to cybersecurity best practices begins in your home and extends to your workplace. In today’s world, everyone uses the Internet to engage in social media, adjust the home thermostat, or shop for the latest connected toy. Therefore, it is vital to make certain that the entire household — including children and older adults — learns to use the Internet safely and responsibly. You don't have to be technically "savvy" to stay safe online - even small actions and a cautious mindset can make a huge difference. To help protect yourself and your family, I encourage you to follow these simple tips:
- Consider yourself as your family’s CIO, managing its technology resources and promoting its online health;
- Make sure everyone in the family understands the consequences of unsafe online behavior;
- Use common-sense to decide when things are too good to be true and consider the consequences of clicking, installing an app, or entering a password or private information;
- Fortify your accounts with the strongest authentication tools available, such as multi-factor authentication;
- Regularly update the software on your Internet-connected devices, including PCs, smartphones, and tablets; and,
- Own your online presence. Control and limit what you post and who can see your information online. Expect that everything posted on social media is publicly available.
From our desks and homes to on-the-go, we work, learn, and play online. Even when we are not directly connected, a vast, worldwide cyber connection supports of our everyday lives, and its security impacts everyone. If each of us does our part – implementing basic cybersecurity practices, raising community awareness, educating young people, and training employees – we will foster a safer and more resilient digital society.