Cybersecurity Awareness 2015

October is Cybersecurity Awareness Month

Governor Pat McCrory has proclaimed October Cybersecurity Awareness Month. During this month, we encourage all State members to take the time to Stop, Think, and then CONNECT! Cybersecurity is everyone’s responsibility.

Technology and the use of networks are pervasive and have become a part of our daily lives. These connections, and the decisions and actions we take using them, determine the type of target we become. Do you consider yourself a strong target? Do you follow best practices and take caution when opening unfamiliar emails? Or are you a weak target, failing to follow general principles and guidelines? Stop, Think, Connect!

Recent Statistics

Statistics show that roughly 80 percent of compromises and attacks can be prevented by following best practices. Simple patching of your devices, both at home and at work, can eliminate vulnerabilities that are considered low hanging fruit to hackers and hacktivists.

Technology research firm Gartner stated in a recent article, "Through 2015, 80 percent of successful attacks will exploit well-known vulnerabilities and be detectable via security monitoring.” Another article stated that, in most cases, hackers rely on computer bugs that have been around since as early as 2002. The other 20 percent can be prevented by users maintaining awareness of their environment by taking mandatory cyber training and awareness offerings to ensure you are up to date with the latest attack mechanisms and vectors. It is also important to share the information with others in a timely manner, to help other agencies and organizations to better harden their systems.

Take the Cyber Hygiene Pledge

At the N.C. Department of Information Technology, we strive to give the best service to our customer agencies and citizens. It is important that we take the needed time to ensure that we have addressed any possible risks and take corrective actions as needed. Remember that nearly 1 million NEW malware are detected every day. We cannot solely rely on our security appliances, and we need you, the end user, the system administrator, the network engineer, the database administrator, the HR specialist, to continue to remain vigilant.

This month, State Chief Information Risk Officer Maria S. Thompson challenges everyone to take the Cyber Hygiene Pledge.

Remember: Cybersecurity is everyone’s responsibility. Do your part.

Tips and Resources

Tip of the Week: Make Sure Your Mobile Apps are Safe

We've come to depend on our mobile devices so heavily it is hard to remember what we did before we had them. If you have a mobile device (smartphone, tablet, etc.), you now carry a fully functional computer in your pocket, purse or bag. That's a tremendous amount of information at your fingertips! Therefore, it is paramount that you safeguard your mobile device. Be careful when you install apps on your mobile device. Consider the following items.

Install applications from trusted sources.

Last fall, Gartner issued a prediction that more than 75 percent of mobile applications will fail basic security tests through 2015. Be aware of which app store you use, as not all have the same standards for vetting applications. Always install apps from a trusted source. This helps ensure the app isn't fake or malicious.

Review the app permissions.

Many apps want more permissions than are actually needed for their function. For example, some flashlight apps want access to your contacts. Why? Usually for marketing purposes to build a better profile on you and your friends. Don't install apps that require excessive permissions. If the app requires more access to your account and/or device than is needed to run the service, do not use it.

Understand the terms of use.

When downloading apps, be proactive and make sure that you read the privacy statement and check the app reviews and look online to see if any security company has identified the app as malicious. In addition, be aware that terms can change over time. Review your terms of use often.

For more information, please visit:

Other Resources