Search Icon White

Standards Spotlight

Views of Real-World Impact

ANSI shines a spotlight on Standards in action as they support safety, efficiency and well-being in interesting aspects of everyday life.

cyber professional

See Yourself in Cyber: ANSI Recognizes Cybersecurity Awareness Month

10/17/2022

From strong email passwords to malware prevention: Cybersecurity Awareness Month is an opportunity to recognize how to safeguard numerous types cyber connections, from our personal home computers to large industrial networks. Held every October since 2004, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead the initiative as part of a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally.

Recently, President Biden issued a proclamation on Cybersecurity Awareness Month, noting that cybersecurity is not limited to government or critical infrastructure. “Cybersecurity is about protecting the American people and the services we rely on,” he said. “This month, I encourage all Americans to increase their cybersecurity at home, at work, and in schools by taking steps such as enabling multi-factor authentication, using a trusted password manager and strong passwords, recognizing and reporting phishing, and updating their software regularly.”

Throughout the month, CISA and NCA will promote actionable steps for everyone to take to remain cybersafe, aligned with the “See Yourself in Cyber” theme:

  • Think Before You Click: Recognize and Report Phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware. 
  • Update Your Software: Don't delay. If you see a software update notification, act promptly. Better yet, turn on automatic updates.
  • Use Strong Passwords: Use passwords that are long, unique, and randomly generated. Use password managers to generate and remember different, complex passwords for each of your accounts. A passwords manager will encrypt passwords securing them for you.
  • Enable Multi-Factor Authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.

Various standards support cybersecurity awareness month, including CSA/ANSI T200-2022, Evaluation of software development and cybersecurity programs, which supports effective executive business decisions that establish a comprehensive maturity model approach to cybersecurity. The standard describes a methodology for assessing the product software and cybersecurity control maturity of an organization. The American National Standard (ANS) is applicable to all IoT and related products/solutions. It was published by CSA Group, an ANSI member and accredited standards developer.

Another standard, published by UL Standards & Engagement (ULSE) UL 2900-2-3 Ed. 1-2020, Standard for Software Cybersecurity for Network-Connectable Products, Part 2-3, is a security evaluation standard that applies to the evaluation of security and life safety signaling system components. It applies to, but is not limited to, various following products, including alarm control units, network-based intrusion detection systems, general purpose signaling units, and digital video equipment and systems, among others. UL Standards & Engagement is an ANSI member and audited designator.

The National Institute of Standards and Technology (NIST) is also leading efforts to strengthen cybersecurity. In a recent White House statement, the Biden administration recognized NIST’s four new encryption algorithms that will become part of NIST’s post-quantum cryptographic standard, which are expected to be finalized in about two years. The algorithms are “the first group of encryption tools that are designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in the digital systems we rely on every day, such as online banking and email software,” the White House statement noted.

In July 2022 NIST issued a request for comments on a recent draft publication that guides health care cybersecurity. “Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide (NIST Special Publication 800-66, Revision 2),” aims to help organizations comply with HIPAA, a federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.

Read more about Cybersecurity Awareness Month.