October is finally here my dedicated readers. I have been waiting for this all year! Each Friday throughout October we celebrate "Cybersecurity Awareness Month". This is so important to organizations and individuals that the US Government, way back in 2004 declared each October Cybersecurity Awareness Month.

Common topics are explored that are timely and important to understand and follow. Each issue of Cybersecurity Friday will cover that week's topic. In early November we will explore all of these topics in the classroom, together.

This week I want to give a big Cybersecurity Shout Out to everyone in our organization, including our elected officials. I am always impressed with everyone's engagement and respect for our cybersecurity efforts. I understand that from time to time, a valid and safe email is blocked by our advanced threat protection solution and even during these occasions staff is patient and understanding.



Together we protect ourselves, and our organization.

Since 2004, the President of the United States and Congress have declared the month of October to be Cybersecurity Awareness Month, a dedicated month for the public and private sectors to work together to raise awareness about the importance of cybersecurity. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) partner to create resources and messaging for organizations to use when they talk with their employees, customers, and memberships about staying safe online. 

This month we will focus is on four key behaviors that is understood and followed go a long way in protecting yourself and your organization:

• Week 1: Using Strong Passwords Password Manages
• Week 2: Multi-factor Authentication
• Week 3: Updating Software
• Week 4: Recognizing and Reporting Phishing

We will, of course cover other timely topics each week as we explore Cybersecurity Awareness Month together.

Multi-factor authentication is sometimes called two-factor authentication or two-step verification, and it is often abbreviated to MFA. No matter what you call it, multi-factor authentication is a cybersecurity measure for an account that requires anyone logging in to prove their identity multiple ways. Typically, you will enter your username, password, and then prove your identity some other way, like with a fingerprint or by responding to a text message.  

Why go through all this trouble? Because multi-factor authentication makes it extremely hard for hackers to access your online accounts, even if they know your password. 

It might seem like a lot of work, but once you have multi-factor authentication set up, proving your identity usually adds just a second or two to the log-in process. And the peace of mind multi-factor authentication provides is well worth it. 

I recommend that you implement multi-factor authentication for any account that permits it, especially any account associated with work, school, email, banking, and social media.  

When you turn multi-factor authentication on for an account or device, your log-in process will require a bit more verification.  

You will be asked for your username and password.  

If these are correct, you will then be prompted to prove your identity another way. You might be able to set up your smartphone, for example, to use a facial scan as verification. Other online accounts might send your phone number or email address a one-time use code that you must enter within a certain frame of time. Some accounts will require you to approve access with a standalone authenticator app like Duo or Google Authenticator.  

Multi-factor authentication can take several different forms, including: 

• Inputting an extra PIN (personal identification number) as well as your password 
• The answer to an extra security question like “What town did you go to high school in?” 
• A code sent to your email or texted to your device that you must enter within a short span of time.
• Biometric identifiers like facial recognition or fingerprint scan 
• A standalone app that requires you to approve each attempt to access an account 
• An additional code either emailed to an account or texted to a mobile number
• A secure token – a separate piece of physical hardware, like a key fob, that verifies a person’s identity with a database or system

This week we have another fun Cybersecurity Crossword Puzzle.

You can click the above image to test your Cybersafe knowledge. Good Luck!

Not every account and device offers multi-factor authentication, but it is becoming more common every day. You might already have it set up for your devices, like if you use a Face ID or fingerprint scan to unlock your phone or laptop. multi-factor authentication is now often found in many workplaces and universities, too.  

Here are some types of accounts that often offer multi-factor authentication. Check to see if you can turn multi-factor authentication on: 

• Banking 
• Email 
• Social media 
• Online stores 



Multi-factor authentication adds an entire layer of security on your important accounts beyond your password. Your data is precious and important – multiplying its protection is a great idea. Let’s use multi-factor authentication everywhere! 

While multi-factor authentication is one of the best ways to secure your accounts, there have been instances where cybercriminals have gotten around multi-factor authentication. However, these situations typically involve a hacker seeking multi-factor authentication approval to access an account multiple times and the owner approving the log-in, either due to confusion or annoyance.  

Therefore, if you are receiving multi-factor authentication log-in requests and you aren’t trying to log in, do not approve the requests! Instead, contact the service or platform right away. Change your password for the account ASAP. Also, if you reused that password, change it for any other account that uses it (this is why every password should be unique). 

Don’t let this deter you, though. multi-factor authentication is typically very safe, and it is one of the best ways you can bolster the security of your data! 

Next week we continue with Week 3 of our journey through this year's Cybersecurity Awareness Month learning just why it is so important to keep your computer and mobile device's software up to date.