Securing the State

Cybersecurity Awareness Cybersecurity Awareness Materials


The Division of Information Security strives to improve the overall security posture of the agencies, boards and commissions it serves but to also share information security best practices, links, and assorted other information regarding information security.

buzz.pngWhat is Cyber Security?

Cybersecurity is a frequently heard buzzword. It is defined in a variety of ways but the National Institute of Standards and Technology (NIST) defines Cybersecurity as:
"The body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access."

Information Security vs. Cybersecurity

 ​Remember, information security is concerned with all information no matter the format, storage or mode of transmission (electronic, paper or oral). The term "Cybersecurity" has a digital or computer implication.

What is Phishing?

The term "Phishing" is not referring to an activity that involves a pole and a lake!  Phishing (pronounced fishing) is a type of deception or fraud that uses e-mail messages, websites or phone calls to dishonestly exploit sensitive information from you OR install malicious software on your computer.  Any time of year is "Phishing" season.  Explore:

  • The "Phishing Emails and You" newsletter
  • Flyers on Phishing and Smishing
  • The Ask a Hacker series of videos 

Avoid being Phished!

Phish Bytes – The fresh catch

Highlighted below are examples of texts, phone calls, and emails our employees have seen at work or in their personal lives.  Click the Phish Bytes section to the right to see previous “catches”.

Catch of the week

Why is the above fake?

• If you work in an office setting, you would not receive an email from Microsoft regarding your account.  Any email would be from your internal IT team. 
• Look carefully at the sentence that says “upgrade now to avoid email issues.”  Upgrade is not capitalized but yet it uses a period.  Grammatically incorrect. 
• For a home user, always go to the trusted website of your service provider and login with your credentials.  No need to click on a link in the email when you know the correct website for your accounts.