ABERDEEN PROVING GROUND, Md.— October is Cybersecurity Awareness Month, a time to reflect on the importance of cybersecurity in our daily lives and the measures we can take to protect ourselves and our nation. This year, the theme is “Building a Cyber Strong America,” which focuses on “Core 4” principles:
- Using strong passwords and password managers
- Avoiding phishing
- Enabling multifactor authentication
- Updating software regularly
G6 Information Systems Security Manager Dillon Crouch said cyber awareness is crucial for the Army as it ensures the safety of all operations, both physical and online. All networks, whether supported by the U.S. Army Network Enterprise Technology Command or mission systems, depend heavily on the human element, making cybersecurity awareness vital. The goal is to educate everyone beyond simply fulfilling the annual cyber awareness training requirement.
AI impacts cybersecurity
Crouch said the rapid rise of artificial intelligence is critical because “it is going to impact everything.” That’s why the Army has implemented Zero Trust, a framework that assumes that no implicit trust is granted to assets or users based solely on their physical or network location or asset ownership. It continuously authenticates, authorizes, and validates access to systems, applications, and data.
Cybersecurity Division Chief Jason Dirla noted that one advantage of AI is its ability to detect irregularities. AI is increasingly being integrated into virus scans, and security information and event management, or SIEM, tools. “AI should greatly enhance how a cyber defender uses data, how they look into things,” he said.
Dirla said AI should reduce the time it takes to complete the Risk Management Framework process by creating documents and graphs with the right prompts—ultimately saving the Army money.
“There is a lot of cost savings that AI is going to have in the cybersecurity world,” he said.
However, Dirla also warned that AI could be used for criminal activity in the future.
Strong passwords
Creating strong, unique passwords for each of your accounts is the first line of defense against cyber threats. A strong password typically includes a mix of uppercase and lowercase letters, numbers, and special characters—and should avoid easily guessable information such as your name, birthdate, or common words.
Crouch recommends using a password manager, a software application designed to securely store and manage login credentials in a personalized "vault" for websites and apps. The advantage is consolidation. Users only must remember one master password for access to all accounts. Password managers use strong end-to-end encryption for all the data in the vault and providers don’t have access to the data, using zero-knowledge architecture. Add MFA to the manager for layered security.
Avoid phishing
Phishing attacks are attempts by cybercriminals to trick users into providing sensitive information, such as usernames, passwords, and credit card details, by pretending to be a trustworthy entity. These attacks often come via email, text message, or phone call.
Tips to avoid phishing:
- Be cautious of unsolicited messages asking for personal information.
- Check the sender’s email address carefully.
- Look for signs of phishing, such as poor grammar, urgent requests, or suspicious links.
- Verify the message by contacting the organization directly using a trusted method.
“You have to do your own research, you have to be your best advocate,” Crouch said.
According to the Federal Trade Commission's Consumer Advice, phone scams come in many forms. Still, they tend to make similar promises and threats, or ask you to pay in a certain way that makes it challenging to get your money back, often through wire transfer, gift card, cryptocurrency, or payment app.
For more information on avoiding phone scams, visit: https://consumer.ftc.gov/articles/phone-scams
Require/enable multifactor authentication
MFA adds an extra layer of security by requiring two or more verification methods to access an account. MFA typically includes:
- Something you know, like a password
- Something you have, like a cell phone
- Something you are, such as biometrics like fingerprint or facial recognition
Enabling MFA significantly reduces the risk of unauthorized access, even if your password is compromised.
“Those who turn on MFA reduce 70 percent of all the cyber breaches,” he said.
Updating software
Cybercriminals frequently exploit vulnerabilities in outdated software to gain unauthorized access to systems and sensitive data. By keeping your software up to date, you reduce the risk of such attacks.
Shared responsibility
Crouch said the “Core 4” principles are not just technical requirements but essential habits that everyone should adopt to protect themselves and contribute to national cybersecurity.
Remember, cybersecurity is a shared responsibility. Stay informed, stay vigilant, and take proactive steps to safeguard your digital life.
Social Sharing