Month: August 2023

October is National Cybersecurity Awareness Month. Held every year in October, the inaugural month of cybersecurity celebration began in 2004. The decision to focus on cybersecurity was a collaborative effort between the National Cyber Security Division within the Department of Homeland Security and the National Cyber Security Alliance (a nonprofit). The goal continues to be to ensure everyone has the resources needed to be as safe and secure online as possible. By putting a lens more directly on the importance of cybersecurity, the goal is to also provide both the public and private sectors with tools and resources to be proactive in enhancing cybersecurity practices.  Intentional, strategic cybersecurity practices for both homes and businesses are the key to providing cyber vigilance.

What is the value of cybersecurity awareness?

Almost 90% of data breaches are caused by human error*; the human factor is the weakest link. Security-aware employees are one of the primary lines of defense in the business world. Security-aware family members are one of the primary lines of defense in your home. Security-aware individuals and organizations help provide protection from cyber threats, which are becoming stronger and increasingly relentless. By adding cyber security awareness to your toolbox, you better understand threats and how to prevent and/or abate cyber attacks. 

What are the essential elements of good cybersecurity?

There are 6 main elements that should be addressed when considering cybersecurity:

• Application Security – Application security adds security measures inside the applications we all use every day. Examples are firewalls, antivirus software, and encryption techniques. 
• Information Security – Information security references the security controls put into place to protect information collected by companies from their clients. Examples of the information to protect include personal data and login credentials.
• Network Security – Network security defends and protects computer networks from unauthorized network access. 
• Operational Security –  Security and risk management processes designed for risk management as countermeasures to reduce or eliminate threats to the exploitation of sensitive information.
• End-User Security – End-user security is educating your employees, and yourself, about cybersecurity best practices. 
• Disaster Recovery Planning – Disaster recovery planning is your continuity plan describing the procedures and steps that are put in place to efficiently and successfully if a breach should occur. 

How can we promote cybersecurity awareness?

The first step to promoting cybersecurity awareness is to lead by example. Make cybersecurity a priority in your life, at home, and at work. If you are an employer, take a look at what your current practices are, where you see room for improvement and assist your employees in increasing their cybersecurity awareness. If you are an employee, start the conversation with your employers about the importance of cybersecurity awareness and encourage them to look at their current practices as well as current best practices. Better yet, help them take these steps by working alongside them. The way to promote awareness is by making it a priority, not only for you but for those around you. We all continue to learn, and cyber threats and consistency continue to increase. Increasing awareness is for everyone, even those with background knowledge, experience and skills

Essential Cybersecurity Tips

Luckily, there are some key cybersecurity tips to assist in expanding your cybersecurity awareness.

• Password Safety – Learning to construct a strong, unique password is critical.

TIP: Create strong, unique passwords. Create individual passwords for all accounts. See some key factors to a strong password here.

TIP: Use a password manager to keep track of your passwords. We know it is not a good idea to use the same password for all online accounts, let alone share a password with work and home log-ins. A password management application is safe, convenient, and assists with the lift of password management. 

• Phishing – Knowing how to identify phishing and what to do if phishing is suspected can help protect your various accounts, and your identity, for both you and your employer.

TIP: Take a close look at your email before clicking any links. Keep an eye out for: spelling and grammar errors, things that sound too good to be true, nuances in the sender address that do not match the sender’s normal address, urgency, and requests for personal information.

TIP: Just as you clean your house regularly, regularly check to see if your email has been breached. Add this check to your routine, and always update passwords for accounts that have been breached. (Check if your email address was in a breach here.)

• Malware and Ransomware – Understanding the difference between these two words, what an attack can look like, and implementing prevention methods is a step towards limiting the impact these bring.

TIP: Hover over links to see and verify URLs before clicking. When in doubt, go directly to the source to verify requests or offers. Remember, “mail.google.com” is owned by Google, but “google.mail.com” is not.

• Mobile Device – Understanding how to keep data safe (application permissions, phone calls, network/Bluetooth connections, and sharing information between applications) protects you from threats you may not realize are there.

TIP: Don’t access workplace data on mobile devices unless authorized and necessary. 

TIP: Use a VPN or your personal hotspot when on the move. 

• Social Media – Implementing strong security settings and thoughtful consideration of what you share on social media helps keep you safe.

TIP: Use unique passwords for each social network and implement multi-factor authentication (MFA).

• Work from Home – Recognizing the dangers of unknown networks, the importance of securing devices in transit and public places, and how to handle secure information helps you keep yourself and your organization safe while you work remotely.

TIP: Make sure all company data is saved on the company network, have a proper backup strategy, and follow all set cybersecurity policies of your employer.

What now? 

The first step to increasing cybersecurity awareness is to start a conversation with those around you. Have a discussion as to why cybersecurity awareness is important, why you would like to focus on cybersecurity as a priority, and start building your plan to increase cybersecurity awareness. 

There are a vast array of opportunities to take trainings or courses to add to your cybersecurity knowledge toolbox. Options include opportunities online and in person, short 20-30 minutes sessions to certification and degree opportunities. There are organizations out there that can help you determine goals, set up plans, and track progress for individuals and organizations as a whole. Assess your individual and organizational needs and determine what path is best for you and your team. What parameters fit your goals and needs. 

Cybersecurity Awareness Can Be Fun!

Cybersecurity is of course about protection. Cybersecurity, and building your awareness can be fun as well! Check out cybersecurity awareness month activities in your area and see what events may be occurring. One example is Missoula College’s CyberSec Challenge occurring on October 28^th. The event includes expert speakers from the cybersecurity field, challenges of increasing difficulty faced by teams of varying levels, and a prize to the winning team. It also includes enthusiastic participants who want to have some fun, test out their cybersecurity knowledge, or learn more about what a cyber threat may look like. We encourage you to look for events in your area and go have some cybersecurity awareness fun.

Conclusion

Cybersecurity-aware individuals are the primary line of defense from cyber threats and attacks. It is up to each of us to build up our toolbox. Our world continues to become interconnected at a rapid rate. It is up to you to become cyber-aware, but it takes all of us working together to protect the population at large. Working together to make cybersecurity awareness a priority, starting conversations, and taking action to learn more and make proactive plans and strategies will provide the strongest protection in a cyber-filled world.

We are pleased and excited to offer our online, asynchronous opportunities for high school students to earn college credit in cybersecurity. Our Introduction to Cybersecurity provides a remote, early college experience for high school students to explore cybersecurity topics and career opportunities. Our Cybersecurity Certificate of Technical Studies Program is a set of four courses that provides students with an entry-level credential that can lead to the Associate of Applied Science degree in Information Technology. Upon completion of the program, students will receive special recognition indicating completion of an NSA-Approved Cybersecurity Center of Academic Excellence program of study. Students will also have the option of testing for the CompTIA Security+, a recognized DoD certificate, upon completion of ITS 222.

What is ITS 130, Introduction to Cybersecurity?

ITS 130 is an entry-level course offered to high school junior and senior students. Sophomore students are eligible with the recommendation of a school counselor. This course is 3 credits and develops a foundational understanding of cybersecurity and how it relates to information and network security. Minimal computer experience is required for this course. There is no textbook requirement. Topics covered include:

– Privacy
– Computer Ethics
– Networking
– Cyber Attacks
– Cyber Defense
– Career Options in Cybersecurity

What is the Cybersecurity Certificate of Technical Studies (CTS) Program?

Our Cybersecurity Certificate of Technical Studies (CTS) program includes 4 courses (12 credits) where students earn an entry-level credential that will stack to our AAS in Information Technology. Open to high school juniors and seniors. Students who complete the program are prepared to earn the CompTIA Network+ and CompTIA Security+ industry-recognized credentials, which are recognized by the U.S. Department of Defense for certain cybersecurity positions. Topics covered include:

– Networking Concepts
– IT systems and components
– System Administration
– Cyber-threats and cyber defense
– Cryptography
– Policy, legal, ethics, and compliance

This is a CAE Designated CTS Program. What does that involve?

It is important to note that our CTS in Cybersecurity follows a rigorous curriculum approved by the National Security Agency (NSA). Missoula College was the first institution in Montana to be designated a Center of Academic Excellence in Cyber Defense by the NSA. This designation ensures that the curriculum aligns with NSA standards, is taught by qualified faculty, and involves opportunities for students to benefit from cybersecurity-related activities in addition to their classroom studies. The CAE designation is noted on the student’s official University of Montana transcript.

What is the cost of the Early College offerings?

All 5 of our cybersecurity courses are part of the 1-2-Free program. This program allows high school students to earn college credit while in high school for free. Students may take up to 2 college courses (6 credits).

Once a student has used their 1-2-Free benefits, CyberMontana will pay for additional credits hours leading to the completion of the CTS Program. CyberMontana will also provide two vouchers to be used toward the CompTIA Network+ and the CompTIA Security+ Industry Recognized Credential exams upon completion of the CTS. 

CyberMontana was the recipient of Montana’s Future at Work grant, offered through the Montana University System and is funded by the Dennis and Phyllis Washington Foundation. This grant was created with the goal of training school students in the CTE field in the community where they live.

When do courses begin?

All courses are available in the Fall 2023 semester. ITS 130 begins on September 18^th, 2023. **September 11^th is the registration deadline for the ITS 130 course. September 18^th is the deadline for course registration.

The Certificate of Technical Studies courses begin August 28^th, 2023. **August 21^stis the registration deadline for the CTS Program. 

How do I register for the ITS 130 Course or the CTS Program?

There are two pathways to register for these early college courses. 

• If you are a new student, a student who has never taken an early college or dual enrollment course previously, you will need to create and submit an application. The Missoula College  – Dual Enrollment webpage provides all the information you need to make this process easier. After reading the information provided, you will find an “apply now” button at the bottom of the page.
• If you are a returning student, one who has taken an early college or dual enrollment course previously, you are able to request your course. The information for course selection can be found on the same Dual Enrollment webpage. Scroll down to the “Course Selection” section where you will find directions. 

The Dual Enrollment team is available to assist in the case of any hiccups or complications during the registration process. They can be reached at DualEnrollment@UMontana.edu.

Do you work in a high school and would like more information on providing these offerings to your students?

Whether you are an administrator, counselor, IT teacher, or anyone who works with students, you see where students’ passions fall. You also see where new interests are budding. We all want to assist students in finding and pursuing opportunities/pathways that align with where they are at. If Early College is new to you and your school, or you have more questions. Please reach out. You can schedule a 30-minute ZOOM informational session by clicking here.

Get started!

Cybersecurity professionals are in high demand statewide and nationwide. The need continues to grow. Cyber technology is advancing rapidly, as are cyber threats. These programs provide the footing to choose a pathway of your choice. That pathway may involve further studies, stacking these 12 credits into the University of Montana’s AAS. That pathway may lead  gainful employment upon completion of the CTS program and Industry Recognized Credential testing. Either way, employers are looking to develop a cyber workforce with the skills and abilities to meet today’s cyber needs. We look forward to your participation in one of these great cyber opportunities!