October is Cyber Security Awareness Month in New York State - ACT – Achieve Cyber security Together

October is Cyber Security Awareness Month in New York State - ACT – Achieve Cyber security Together Source: Office of the Governor - Thomas D. Smith, NYS Chief Information Security Officer

Governor Andrew M. Cuomo announced the start of Cyber Security Awareness Month in New York State and issued a proclamation in support to raise citizen awareness about cyber based threats and how to stay safe online at: http://www.dhses.ny.gov/go/proclamation2013.  The NYS Office of Information Technology Services, Enterprise Information Security Office (ITS EISO) is providing a number of educational resources to the public, including an electronic Cyber Security Awareness Toolkit.  The Toolkit includes cyber security themed posters, calendars, guides, brochures, and other content that can be downloaded to help promote and reinforce cyber safety in practical, informative, entertaining, and usable ways.  The Toolkit material may be found at www.dhses.ny.gov/ocs/awareness-training-events/#awareness. N.B. In conjunction with Cyber Security Awareness Month, the NYS ITS EISO is coordinating a statewide cyber security poster contest for students in grades Kindergarten-12.  This is a timely opportunity for school art and technology teachers to promote keeping children safe online in a fun way.  Entries may be used in state, regional, and national computer security awareness campaigns.  New York State winners will be featured on the ITS website and entered into the National Contest with the opportunity to be featured in the 2015 Cyber Security Calendar.  For more information on the poster contest, please visit http://www.dhses.ny.gov/ocs/awareness-training-events/events/2013/index.cfm and click on the Poster Contest tab. While there are many steps that can be taken to keep personal information and data secure, below are some helpful cyber security tips to follow provided by the Governor’s Office: Secure your computer:  Keep your operating system and application software updated and patched. Be sure to check that your anti-virus and anti-spyware software is running and receiving automatic updates.  Confirm that your firewall is enabled. Use Strong Passwords:  Passwords should have at least eight characters and include letters (uppercase and lowercase), numbers, and special characters.  It is important to maintain separate passwords for different accounts to reduce the likelihood that the compromise of one password will make other accounts vulnerable as well.  Developing good password practices will help keep your personal information and identity secure. Secure your online transactions:  When submitting sensitive information, look for the "lock" icon on the browser's status bar to be sure your information is sent securely during transmission.  Also be sure that "https" appears in the website's address bar before making an online transaction.  The "s" stands for "secure" and indicates that communication with the webpage is encrypted. Don't reveal personal information online:  The less information you post, the less data you make available for a cyber criminal to use in a potential attack or scam. Protect your laptop, smartphone, or other portable devices when traveling:  Just as your wallet contains lots of important and personal information that you wouldn't want to lose, so do your portable devices.  Don't let them out of your sight.  Never store your laptop in checked luggage.  If there is a room safe available at your hotel, use it to securely store your devices.  In addition, make sure you have strong passwords on these devices in the event they are lost or stolen. Be aware that public computers and public wireless access are not necessarily secure:  Cyber criminals can potentially access any information you provide, such as credit card numbers, passwords or other confidential information.  Do not conduct any sensitive transactions on public Wi-Fi sites. Do not email sensitive data:  Beware of emails requesting account or purchase information.  Legitimate businesses do not solicit sensitive or confidential information through email. Dispose of information properly:  When it's time to dispose of your computer or mobile device, make sure you have a process in place to completely erase your information or physically destroy the hard drive. Properly erasing your hard drive thwarts efforts to steal your information. More information on Cyber Security Awareness Month is posted on the Internet at: http://www.dhses.ny.gov/ocs/awareness-training-events/events/2013/index.cfm. .