Cybersecurity is an “all hands on deck” effort to ensure the nation’s networks and systems are protected against those who wish to do us harm. Last week, we talked about what the Navy is doing at the enterprise level to protect our nation, our Sailors and their families from attack. This week, we will discuss the importance of individual behavior in defending our interests in cyberspace and ensuring the operational readiness of the U.S. Navy’s networks and systems.
Individual behavior is critical because 84 percent of cybersecurity breaches are caused by human error, according to current estimates. Attacks are becoming more frequent and more sophisticated all the time, requiring increased vigilance among Sailors, civilians and contractors, and strict adherence to security guidelines. Failure to follow proper online procedures endangers every member of the team. Everyone with access to the network must be aware of the threat and safeguard their data by developing strong passwords and changing them often; exercising vigilance on social media by limiting the data they share; and protecting themselves against phishing attempts by practicing caution when opening documents or clicking on links. But that’s not all.
The Navy provides detailed guidance on cyber behavior, which is developed by teams of experts with insight into the specific strategies and tactics employed by our adversaries. This guidance, however, is useless if even one Sailor, civilian or contractor neglects to follow it, because it only takes one breach to enable access to the network and compromise operational security and the mission.
Below are some of the steps all hands should take – while at home and at sea – to keep Navy networks and systems safe:
-- Be Aware of Your Cyber Footprint. If an adversary could create your dossier, using your profile information from various sites as well as your online behavior, what would it look like and how accurate would it be? Practice good judgment when choosing what personal information you share online, and verify that you are sharing information on trusted websites.
-- Understand Your Cyber Terrain. Do you know all the entry points into your home network, systems, or personal devices to include routers, ports, Internet of Thing devices, and (public) Wi-Fi, and are they protected or secured? Be aware of what you are sharing online when you are using shared Wi-Fi networks at coffee shops, airports and other public spaces, which are more vulnerable to cyber intrusions or attacks.
-- Check for Weekly Updates. For your home setup, are you vigilant in checking vendor websites for up-to-date information on vulnerabilities and threats related to hardware, software and applications? And more importantly, do you implement the necessary updates? To safeguard yourself against malware and other viruses, update your home computer regularly with the necessary protection from trusted sources.
-- Create a Cybersecurity Culture. Is cybersecurity part of your workspace culture beyond the annual cyber awareness required training? Do your family members, including those with whom you may share password information or devices (e.g. children), fully understand how to protect your information and devices? Is cybersecurity an individual or a team effort at work or at home? Using information in this blog post, resources available at https://www.dhs.gov/stopthinkconnect-toolkit and elsewhere, educate yourself and your family on safe online behavior to ensure cybersecurity practices become a habit instead of an obligation.
Remember that you are always operating in the cyber battlespace and should exercise caution when operating online. If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences, and training employees – our interconnected world will be safer, more resistant from attacks and more resilient if an attack occurs.
Editor’s note: Since its establishment, U.S. Fleet Cyber Command (FCC)/U.S. 10th Fleet has grown into an operational force composed of more than 14,000 active and Reserve Sailors and civilians organized into 28 active commands, 40 Cyber Mission Force units, and 26 Reserve commands around the globe. FCC serves as the Navy component command to U.S. Strategic Command and U.S. Cyber Command, and the Navy’s Service Cryptologic Component commander under the National Security Agency/Central Security Service. Commander, U.S. 10th Fleet, the operational arm of FCC, executes its mission through a task force structure similar to other warfare commanders. In this role, C10F provides support of Navy and joint missions in cyber/networks, cryptologic/signals intelligence and space.