October 1 – 5
Making Your Residence a Haven for Online Safety
Every day, parents and caregivers teach kids basic safety practices ‒ like looking both ways before crossing the street and holding an adult’s hand in a crowded place. Easy-to-learn life lessons for online safety and privacy begin with parents leading the way. Learning good cybersecurity practices can also help set a strong foundation for a career in the industry. With family members using the internet to engage in social media, adjust the home thermostat or shop for the latest connected toy, it is vital to make certain that the entire household ‒ including children – learn to use the internet safely and responsibly and that networks and mobile devices are secure. Week 1 will underscore basic cybersecurity essentials the entire family can deploy to protect their homes against cyber threats.
Encryption (SANS Institute)
Your operating system likely comes with its own encryption application. BitLocker was released with Windows Vista and is built-in to Windows Vista, Windows 7, Windows 8.1, and Windows 10. Apple’s FileVault 2 has been built-in to Mac OS X since version 10.7.
The safest way to use public WiFi is not to use it at all, however, that is not always practical. There are times when you might need to connect to a public network for work, school, or personal reason while avoiding excessive data charges. Take a look at the links below to find out how you can use public WiFi safely and securely.
Using Marshall University’s VPN
Staying Secure on the Road (SANS Institute)
Tips for Using Public WiFi Networks (Federal Trade Commission)
Privacy Tips for Using Public Computers & Wireless Networks (StopThinkConnect)
October 15 – 19
Feeling Secure on Campus
When you are on the job – whether it’s at a corporate office, local restaurant, healthcare provider, academic institution or government agency ‒ your organization’s online safety and security are a responsibility we all share. And, as the lines between our work and daily lives become increasingly blurred, it is more important than ever to be certain that smart cybersecurity carries over between the two. Week 3 will focus on cybersecurity workforce education, training and awareness while emphasizing risk management, resistance and resilience. NCSA’s CyberSecure My Business™ will shed light on how small and medium-sized businesses can protect themselves, their employees and their customers against the most prevalent threats.
Think you can spot a phishing email? Take this quiz to find out your Phishing IQ.
Phishing (SANS Institute)
CEO Fraud (SANS Institute) – Spear Phishing and Senior Executive Impersonation
What Is Malware? (SANS Institute)
Yes, You Actually Are a Target (SANS Institute)
Malware & Botnets (StaySafeOnline)
Ransomware (SANS Institute)
Ransomware Facts & Tips (StopThinkConnect)
If a website or web form asks for sensitive information, credit card/financial information, or prompts for a username and password, be sure to look for the “s” in “https://” at the beginning of the URL. If the web address has “http://” instead of “https://”, do not fill out the form or credentials on that page, as this means your data will not be encrypted when you submit. Instead it will be sent in plain text that a hacker can easily read.
When you visit a secure, encrypted webpage, your browser will likely show a padlock or security icon to the left of the web address field. Check out the examples below to see what this looks like on the most popular browsers:
Google Chrome:
Firefox:
Microsoft Edge: (even though the browser is hiding the “https://” section of the web address, you can still click on the padlock to ensure its security)
Other Resources:
Online Shopping (StaySafeOnline)
How Can I Tell If a Web Page Is Secure? (SSL)
Understanding Web Site Certificates (US-CERT)
October 22 – 26
Safeguarding the Nation’s Critical Infrastructure
Our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic consequences for our nation. Week 4 will emphasize the importance of securing our critical infrastructure and highlight the roles the public can play in keeping it safe. In addition, it will lead the transition into November’s Critical Infrastructure Security and Resilience Month, which is spearheaded by the U.S. Department of Homeland Security.
“I’m Hacked, Now What?” (SANS Institute)
Hacked Accounts (StaySafeOnline)
So often we see in the news yet another report of a massive data breach, such as the one at Yahoo! in September. There are a couple of services you can subscribe to that will notify you if your email address has appeared in a massive data breach.
HaveIBeenPwned is a free resource for anyone to quickly assess if they are at risk due to an account compromise in a data breach. You can either search your email address(es) a single time to find out if it’s been breached in the past, or subscribe to the service so you will receive an alert if your account appears in a breach in the future.
Pastebin is a free resource used to share information online. It is mainly used by program developers to share pieces of source code, however hackers often use this page to share stolen credentials. Using the site in this manner is against Pastebin’s Acceptable Use Policy and they will remove these pastes as they are reported. If you create an account, you can subscribe to “MyAlerts” for free and enter up to 3 different email addresses. Pastebin will alert you if any of these email addresses show up in their pastes.
What to Do When You Receive a Data Breach Notice (Privacy Rights Clearing House)
What to Do After a Data Breach (Tom’s Guide)
National Cyber Security Alliance Statement Following Reported Massive Data Breach at Yahoo! Inc [Includes Advice] (StaySafeOnline)
