Ethics and Cybersecurity Awareness

The Need for Cybersecurity Awareness

USG Cybersecurity detects about 2 million threats to USG information systems per day. On average, more than a month of time and effort is required to contain the typical security breach. Remediation efforts cost about $135 per record. In addition to remediation costs, USG organizations suffer damage to their reputation when we experience an information systems breach.

Moreover, mobility and miniaturization of systems enable attackers to use new ways to threaten the organization. Small mobile devices are harder to detect and neutralize when brought into our network. Small mobile devices are more convenient but also more easily stolen and lost. When we lose a mobile device, we also lose control of the information it stores.

Fortunately, we can minimize the risk of information exposure. One effective measure is a cybersecurity program drawing attention to the most common threats encountered by the organization.

The Principles of Cybersecurity?

The three central principles of cybersecurity are Confidentiality, Availability and Integrity. Often termed the CIA Triad, each principle is both individually and integrally important. As information users, creators, and maintainers, the things we do impact one or more of these principles.

Confidentiality means ensuring access to information is permitted to authorized people or programs. It also means access is denied to unauthorized people or programs.

Availability means information resources are available at predetermined times. When a loss of availability occurs outside of scheduled maintenance periods, access to authorized parties is denied. For example, if an important system loses power, it is no longer available to users.

Integrity means information resources can be trusted to be correct. If unauthorized actions by people, hardware or software alter information, a system is no longer reliable for decision-making or record keeping.

Accidental and intentional actions impact confidentiality, availability or integrity of our information. It is everyone’s responsibility to ensure our actions, or the actions of others, do no harm to the information entrusted to us.

Appropriate Use Policy

Each USG organization has an appropriate use policy for computers and networks. The policy expresses the general responsibilities of each individual and the organization pertaining to information system use. In addition, standards and guidelines exist to address specific activities associated with our information systems.

MGA’s Appropriate Use Policy

Please take a few minutes to review this policy during Ethics Awareness Week and be safe.