In today’s digital world, businesses are doing more online. Businesses and organizations of all sizes hold valuable data including intellectual property, consumer data, and employee data – making them prime targets for cyber attacks. As recent cyber incidents have shown, cyber criminals often rely on human error – from failing to install software patches to clicking on malicious links to creating easy-to-guess passwords – to gain access to systems and information. From the CEO to the newest employee, cybersecurity requires the vigilance of every employee to keep data, customers, and capital secure.


Organizations of all sizes must empower employees by providing them with information and training about safe online habits. By arming employees with cyber knowledge – like how to create a strong password, how to avoid phishing attacks, and social media best practices – they will be able to protect themselves online at work and at home.

National Cyber Security Awareness Month this October provides a great opportunity to share these cyber best practices from the Stop.Think.Connect.™ Campaign with your employees or coworkers.

  • Require all employees to use strong passwords and change them regularly.
  • Keep your usernames, passwords, or other computer/ website access codes private.
  • Only open emails and attachments from people you know.
  • Do NOT install or connect any personal software or hardware to your organization’s network without permission from the IT department.
  • Make electronic and physical back-ups or copies of all your important work.
  • When you work from home, secure your Internet connection by using a firewall, encrypt information, and hide your Wi- Fi network.

These and other tips can be found in small business section of the Industry and Small Business sections of the Stop.Think.Connect. Toolkit

Cybersecurity at work is more than just employee awareness and safe online habits. Businesses can access the following DHS resources to help with the following critical cyber tasks:

  • Plan for and manage their cyber workforce. The National Cybersecurity Workforce Framework is the foundation for all cyber workforce development activities and was created to increase the size and capability of the U.S. cybersecurity workforce. The Workforce Framework provides employers, employees, educators, students, and training providers with a systematic way to organize the way we think and talk about cybersecurity work, and what is required of the cybersecurity the current and future cyber workforce. For more information, please visit
  • Maintain training for cyber professionals. The Federal Virtual Training Environment (FedVTE) provides free, on-demand access to cybersecurity training for federal, state, local, tribal, and territorial government employees and veterans to help the workforce maintain expertise and foster operational readiness. For more information about FedVTE, please visit the National Initiative for Cybersecurity Careers and Studies portal at:
  • Practice sound cyber risk management. The C3 Voluntary Program supports industry in increasing cyber resilience, promotes awareness and use of the Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management. For more information, please visit

Visit for more information about NCSAM.