We depend on critical infrastructure every day. Our ability to travel, to communicate with friends and family, to conduct business, to handle our finances, and even our ability to access clean, safe food and water are all reliant upon our Nation’s critical infrastructure networks and systems.
 
These essential services that underlie daily life in American society are increasingly being run on digital networks. Every day, people connect to the national grid without even realizing it from their smart phones, computers, and tablets. As a result, these critical systems are prime targets for cyber attacks from those seeking to cause our country harm. Seventy percent of companies responsible for the world’s power, water, and other critical functions reported at least one security breach, throughout a 12-month period, that led to disruption of service or loss of confidential information, according to the Ponemon Institute in 2014.  Resilience of essential systems and assets, from power grids to banking systems, is vital to our national security, economy as well as our public health and safety.

As the Department of Homeland Security transitions from October’s National Cyber Security Awareness Month (NCSAM) into November’s Critical Infrastructure Security and Resilience Month (CISR), we focus on the critical mission of defending our Nation’s critical infrastructure from cyber threats. Each November, DHS highlights the efforts between federal, state, local, territorial, and tribal governments and private sector partners to protect and secure the infrastructure Americans rely on every day to communicate, power, transport, and otherwise support our way of life.

Every day, DHS works with critical infrastructure owners and operators to better secure our systems from cyber threats. The Department’s C3 Voluntary Program supports industry in increasing cyber resilience, promotes awareness and use of the Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management. For more information, please visit https://www.us-cert.gov/ccubedvp.

Just as we all rely on critical infrastructure, we all play a role in keeping it strong, secure, and resilient. We can do our part at home, at work, and in our community by being vigilant, incorporating basic cyber safety practices into our daily routines, and making sure that if we see something, we say something by reporting suspicious activities to local law enforcement. The Stop.Think.Connect.™ encourages all Americans to take the following steps to play their part in securing our critical infrastructure.

• Keep a clean machine. Having the latest security software, web browser, and operating system are the best defenses against online threats. Keeping the software on your device up-to-date will prevent attackers from being able to take advantage of known vulnerabilities.
• Turn on stronger authentication. Stronger authentication requires that you use your password in conjunction with an additional piece of information (commonly a one-time PIN sent to your mobile device). Even if cybercriminals have your password, they won’t be able to access the account without the second component if stronger authentication has been used. Visit www.LockDownYourLogin.com for more information on stronger authentication.
• When in doubt, throw it out. Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.

Consumers play an important role in helping to secure critical infrastructure by practicing good cyber hygiene themselves and by becoming well-informed about whether the companies and organizations they do business with adhere to high cybersecurity standards. For instance, individuals should read the privacy policy of a company or vendor before purchasing a product or service from them. Also, when individuals or companies look to set up a domain name, they should take advantage of free DNS security features that are offered by domain name registration companies.

Originally published by https://www.dhs.gov/stopthinkconnect-campaign-blog