miércoles, 31 de octubre de 2018

Cyberfit Family: Making cybersecurity understandable for all ages | Health.mil

Cyberfit Family: Making cybersecurity understandable for all ages | Health.mil

health dot mil banner image

Cyberfit Family: Making cybersecurity understandable for all ages

By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

From protecting systems and data to regular training updates, cybersecurity is a top priority in the workplace – and it should be at home, too. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Servio Medina, Cyber Security Division Policy Branch lead at the Defense Health Agency, said cybersecurity used to be considered a technological problem, but now it’s viewed as a human knowledge problem and a personal responsibility. The need for cyber awareness goes beyond the workplace and into homes, impacting items ranging from electronic devices to toys, and increasing the importance for people of all ages to be ‘cyberfit,’ as Medina says.

“We do want to empower [people] to not unwittingly compromise their own information and their own well-being,” said Medina while speaking at Defense Health IT Symposium in July. Part of the Military Health System’s role in taking care of families is helping them understand how to protect their online presence, he said.

Cyberfitness, also known as cyber hygiene by the Department of Health and Human Services, is defined as an individual’s health or security when conducting all activities online. Medina called it a readiness issue.

Being cyberfit includes recognizing risky behavior, such as clicking a link in a suspicious email, said Medina. Federal employees are required to take yearly cyber awareness training and comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines for protecting health care information. But roughly 80 percent of cybersecurity breakdowns can be traced back to human error after training, according to a 2015 Department of Defense memo that included a plan to close the gap.

Medina said an increase in awareness and accountability is needed to reduce cyber risks. He draws a parallel with the practices and choices we make every day for overall fitness.

“You should probably get a medical expert’s assessment if you suspect having something worse than a cold, yet we really don’t have the same mindfulness when it comes to cyber practices and choices,” said Medina. The DoD released its 2018 Cyber Strategy, which emphasizes that leaders and their staffs need to be “cyber fluent” so they can understand the cybersecurity implications of their decisions.

“By understanding the consequences of their cybersecurity decisions on the job – and seeking a cybersecurity expert’s assessment – people can be better equipped to use this knowledge in their activities outside the office,” said Medina.

“We at the DHA care about family cyberfitness because innovations are enabling Military Health System beneficiaries to have greater and easier access to electronic health records, communication and prescription tools, and more,” he said. “Without cyberfitness, these health IT innovations might lead to information being misused by mistake or on purpose.”

Medina said military families in particular often face challenges with cyberfitness. Frequent moves and deployments upset routines and social connections. Some parents may become so distracted by the basic details of re-establishing households that they don’t pause to consider what their children – who seem to be positively occupied – may be doing online, he said.

Kelly Blasko, a psychologist and program lead for the mobile app and web program in the Connected Health branch in the Defense Health Agency at Joint Base Lewis-McChord in Washington, referred to video games and online chat rooms as examples of possible security threats facing children and teenagers.

“We tell children not to talk to strangers and that’s usually in a face-to-face situation, but it’s true on the internet as well,” said Blasko, a representative for Military Kids Connect. Cyber predators can target minors through the use of false links that allow access to the computer or accounts used by the child, she warned. “That really puts them at risk.”

Identify theft is often thought of as a problem for adults connected to financial identity, but children can also be targets, Blasko said. “They use the family computer and it might have banking account information or Social Security numbers that could allow someone to open a credit card in the name of a child, and then that ends up being a real problem.”

Medina said it’s important for parents to talk with children about cyberfitness frequently and candidly. He stressed that those conversations can empower children to make smart decisions and understand that cyberfitness is a daily priority. “Begin the conversations when they’re young, with age-appropriate messages on topics like creating strong passwords, safeguarding personal information, and turning to a trusted adult immediately if anything online makes the child uneasy.”

Blasko recommends having the conversation before any security concern comes up. Paying attention to how children and teenagers use the internet, educating them on cyber awareness, and having an open dialogue can allow young people to feel comfortable going to a parent or trusted adult for help, she said.

According to the Department of Homeland Security, children between the ages of 8 and 18 spend an average of seven and a half hours online every day at home, school, and public spaces.

“Practically everyone, young or old, can click into and connect with data, information, and other people,” said Medina. Many household items that rely on an internet connection and may seem mundane – such as security cameras, baby monitors, or wireless devices – can put people at risk for a cybersecurity breach, said Blasko.

Medina said the Defense Health Agency’s health information technology team offers information to ensure cyberfitness at home, including a five-day plan: Day 1 – add strong passwords to devices; Day 2 – clean out mobile apps; Day 3 – protect stored information; Day 4 – share information wisely; and Day 5 – beware of health information fraud.

The DHS campaign, Stop.Think.Connect, offers parent and educator resources for talking about cybersecurity with children.

“We have to protect our military children and families,” said Blasko. “They’re really who we serve and we don’t want them to be jeopardized in any way.”

PEO DHMS celebrates National Health IT Week

Article

10/19/2018

Leaders and staff from the PEO DHMS shared their stories about why health IT is important

Recommended Content:

Technology | Military Health System Electronic Health Record | Electronic Health Record Modernization & Interoperability

DHA IPM 18-016: DHA IPM 18 016 Medical Coding of the DoD Health Records

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (s): • Establishes the Defense Health Agency’s (DHA) procedures for centralized oversight, standardized operations, and ensured quality and performance for the coding of DoD Health Records. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire 12 months from the date of issue.

Identification #: 18-016
Date: 10/19/2018
Type: DHA Interim Procedures Memorandum
Topics: Technology | Military Health System Electronic Health Record

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

Identification #: 18-015
Date: 10/17/2018
Type: DHA Interim Procedures Memorandum
Topics: Technology

Encryption Wizard Info

Presentation

10/15/2018

Encryption Wizard (EW) is simple, strong, Java-based file and folder encryption software for protection of sensitive information, such as FOUO, PII, CUI, and Privacy Act data. This Presentation provides complete details about EW.

Recommended Content:

Technology

October 2018 Webinar

Presentation

10/15/2018

October 2018 Webinar

Recommended Content:

Technology

October 2018 Post Test

Presentation

10/15/2018

Recommended Content:

Technology

October 2018 CVS Caremark Electronic Billing Process

Presentation

10/15/2018

Recommended Content:

Technology

DHA IPM 18-013: Risk Management Framework (RMF)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (ac): • Incorporates cybersecurity strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation. • Aligns with the Deputy Assistant Director, Information Operations (DAD IO) J-6/Chief Information Officer’s (CIO) key concept of increasing cybersecurity of Defense Health Agency’s (DHA) Information Technology (IT); therefore, robust risk assessment and management is required. • Encompasses lifecycle risk management to determine and manage the residual cybersecurity risk. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

Identification #: 18-013
Date: 10/10/2018
Type: DHA Interim Procedures Memorandum
Topics: Technology