Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. https://www.cisa.gov/cybersecurity-awareness-month This year, we will focus on four key behaviors which allow users to feel empowered to take responsibility for personal data safety online. WEEK 1 - Enabling Multi-factor Authentication Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user's identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space or computer system. See attached fact sheet. Full CISA Multi-Factor Authentication Information: https://www.cisa.gov/mfa MFA helps protect you by adding an additional layer of security, making it harder for bad guys to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone. https://www.nist.gov/blogs/cybersecurity-insights/back-basics-whats-multi-fa... Additional resources: https://www.cyber.gov.au/mfa https://www.ibm.com/topics/multi-factor-authentication James Hale, ARM-P, ARM-E, CPSI Risk Control Consultant County Risk Sharing Authority 209 East State Street Columbus, OH 43215 614.246.1630 FAX 614.220.0209 " The leader in providing Ohio Counties with exceptional value, service, and protection of assets." [cid:image001.png@01D8D70B.9E199B40] CONFIDENTIALITY NOTICE: This e-mail message (including any attachments) is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy this message and all attachments.