Nine Ways to Stay Safe Online — CAM Toolkit 2025

Nine Ways to Stay Safe Online CAM Toolkit 2025

What Is Cybersecurity & Why It Matters

Definition

Cybersecurity is the protection of computer systems and networks against malicious activity that could expose, steal, or damage data, software, or hardware. Strong practices safeguard intellectual property, sensitive information, and the systems that power your operations.

Why it’s important

Whether public or private, organizations need tailored plans and processes to protect operations and critical infrastructure. Implementing best practices reduces risk and strengthens resilience.

Four Essential Behaviors to Stay Safe Online

1) Update Software

Updates close security gaps. They only help if you install them.

  • Install updates immediately — skip “remind me later.”
  • Enable automatic updates where possible.
Look for updates:
  • System/app Settings
  • Notifications on your phone/computer
  • Browser alerts (upper corner)

2) Use Strong, Unique Passwords

  • Long: aim for at least 16 characters
  • Random mix: upper/lowercase, numbers, symbols, spaces
  • Unique: never reuse a password
  • Prefer passphrases (5–7 unrelated words)
Password Manager Benefits
  • Stores and auto-fills credentials
  • Generates strong, unique passwords
  • Flags duplicates
  • Resists phishing by filling only on legitimate sites
  • End-to-end encryption means the vault provider can’t read your passwords

3) Turn On Multifactor Authentication (MFA)

MFA adds a quick second step to verify it’s really you. Use it everywhere it’s offered—especially for email, financial accounts, and any service with personal data.

Choose the most secure method available
  • Best: Physical security key (e.g., YubiKey)
  • Authenticator app with number matching
  • Authenticator app with rotating 1-time codes
  • Biometrics (fingerprint/face)
  • Least secure: SMS or email codes

4) Recognize & Report Phishing

Phishing tries to trick you into clicking, opening, or sharing info.

Common red flags

  • Urgent or fear-inducing tone (“Act now or else”)
  • Sender address doesn’t match the real domain
  • Unexpected emails/attachments
  • Requests for personal info via email/call
  • Typos, bad grammar, odd URLs (AI can hide these—stay alert)

If you spot a phish

  • Don’t click links or “unsubscribe” in suspicious emails
  • Don’t open unexpected attachments
  • Don’t share personal info
  • Do verify via a known phone number or email
  • Do report to IT or your mail/phone provider
  • Do use email filters; when in doubt, delete it

Level Up Your Defenses (for Business & Government)

Use Logging & Monitoring

Logging records activity (who, what, when, where). Monitoring reviews those logs—ideally in real time—to spot anomalies and unauthorized behavior. Together, they define “normal” and reveal threats quickly.

Get started with free tooling:

Back Up Data

Backups are secure copies of critical data stored separately. They’re essential for recovery after ransomware, system failure, or disasters.

The 3-2-1 rule
  • 3 copies of important files
  • 2 different storage types (e.g., external drive + cloud)
  • 1 copy off-site

Encrypt Data

Encryption scrambles information so only someone with the key can read it. Even if attackers get a copy, encrypted data stays unreadable.

  • Encrypt devices, drives, removable media, and laptops holding sensitive data
  • Encrypt at rest and in transit
  • Maintain offline, encrypted backups—and test them regularly

Report Cyber Incidents to CISA

What to share

Reporting suspected or confirmed incidents, vulnerabilities, or suspicious activity helps everyone. Sharing is bidirectional:

  • You share: indicators of compromise, methods, timelines, impacts
  • CISA shares: alerts, bulletins, mitigation guidance, protective tools

How to report

Use CISA’s online form:

cisa.gov/report →

Additional Resources

Quick Tips

  • Adopt MFA everywhere possible
  • Use a password manager for every account
  • Patch quickly; auto-update when available
  • Backups + encryption = rapid recovery
  • Log, monitor, and alert on anomalies
  • Report suspicious activity early

Get in Touch

Cybersecurity and Infrastructure Security Agency (CISA)
Email: central@cisa.gov

Information Technology (IT)
Email: support@piedmontcc.edu

© 2025 — Nine Ways to Stay Safe Online