White House Highlights Cybersecurity Awareness Month

October 03, 2022 - President Biden designated October as Cybersecurity Awareness Month and encouraged the public and private sectors to take immediate action to protect against cyber threats in a White House press release.

“Cyberattacks affect our day-to-day lives, our economy, and our national security. By destroying, corrupting, or stealing information from our computer systems and networks, they can impact electric grids and fuel pipelines, hospitals and police departments, businesses and schools, and many other critical services that Americans trust and rely on every day,” the announcement stated. 

“That is why my Administration started working immediately to shield our country and improve our defenses against cyberattacks.”

Referring to last year’s executive order aimed at improving the nation’s cybersecurity, President Biden stressed the importance of maintaining strong cybersecurity controls within federal agencies. The executive order focused on removing barriers to threat-sharing, establishing minimum security standards for federal agencies, and modernizing and streamlining cybersecurity efforts.

However, the President noted, “government cannot meet our cyber resilience goals alone.”

The Administration underscored the need for private-public sector collaboration, even beyond critical infrastructure and federal entities.

“Cybersecurity is not limited to Government or critical infrastructure.  Hackers target Americans every day, and cybersecurity is about protecting the American people and the services we rely on,” the announcement continued. 

“This month, I encourage all Americans to increase their cybersecurity at home, at work, and in schools by taking steps such as enabling multi-factor authentication, using a trusted password manager and strong passwords, recognizing and reporting phishing, and updating their software regularly. As the threat of malicious cyber activities grows, we must all do our part to keep our Nation safe and secure.”

According to the Cybersecurity and Infrastructure Security Agency (CISA), Congress and the President have designated the month of October as Cybersecurity Awareness Month since 2004. This year’s theme is “See Yourself in Cyber.”

“This October will focus on the ‘people’ part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future,” CISA stated.

The HHS 405(d) Program and Task Group released a Cybersecurity Awareness Month toolkit for healthcare organizations in particular. The toolkit entails four emails and four social posts that can be distributed within healthcare organizations to raise cyber awareness.

The contents focus on enabling multi-factor authentication, recognizing and reporting phishing, updating software, and using strong passwords.

Although security may seem daunting, there are numerous free resources that healthcare organizations can use to bolster their cybersecurity practices and heighten awareness. For example, the Health Sector Coordinating Council (HSCC) maintains a multitude of useful resources, such as an Operational Continuity Cyber Incident (OCCI) checklist, a Medtech vulnerability communications toolkit, and other best practices.

In addition, federal frameworks such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) can further help organizations safeguard sensitive data.

For the purposes of this year’s Cybersecurity Awareness Month theme, organizations may want to further emphasize cyber hygiene among non-security-focused healthcare professionals and promote awareness of best practices such as multi-factor authentication and password management.