Standards BEHIND THE HEADLINES

ANSI takes a look at some of the standards behind the scenes driving the advancement of innovative technologies and ingenious solutions for global challenges.

Secure Our World: During Cybersecurity Awareness Month, Take Four Steps for Better Online Safety

10/16/2023

With so many scammers prevalent on the web, how can we stay safer online? On the 20th anniversary of Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced a new set of resources and four actionable tips that can help elevate our cyber security.

CISA’s newly launched cybersecurity awareness program theme, Secure Our World, promotes “behavioral change across the nation,” underscoring how individuals, families, and small-to-medium-sized businesses can stay more secure by focusing on four critical actions.

CISA’s recommendations for safer cyber lives include:

  • Use Strong Passwords, and Make Them Unique: Choose longer passwords that include four character types (uppercase, lowercase, numbers, and symbols). CISA notes that password managers are a tool to help create strong passwords for different accounts.

  • Enable Your MFA: Multi-factor authentication (or MFA) is a multi-step account login process that requires users to enter more information than just a password. What’s more, enabling MFA will make you significantly less likely to get hacked.

  • Recognize and Report Phishing: Phishing is defined as “the fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.” With a few steps, you can safeguard information and avoid phishing scams. For starters, avoid sharing sensitive information or credentials with unknown sources, report phishing attempts, and delete any suspicious messages.

  • Keep Software Current: When it comes to software, up-to-date is the way to go to ensure you have the latest security patches and updates on your devices.

Last week, CISA also announced the release of new resources for combating ransomware campaigns.

Standards and Guidance Help Enable More Cyber Safe Societies

In addition to CISA’s campaign efforts, there are numerous standards and guidance that support cybersecurity at home, in the workplace, and elsewhere. One such standard is ASTM International standard ASTM F3286-17, Standard Guide for Cybersecurity and Cyberattack Mitigation, which addresses the company or government organizational need to mitigate the likelihood of cyberattacks and reduce the extent of potential cyberattacks, which can leave sensitive personal data, corporate information, and critical infrastructure vulnerable to attackers.

Published by SAE International, SAE J 3061-2021, Cybersecurity Guidebook for Cyber-Physical Vehicle Systems, is a recommended practice that provides guidance on vehicle cybersecurity. It was created based on, and expanded from, existing practices that are being implemented or reported in industry, government, and conference papers. The best practices are intended to be flexible, pragmatic, and adaptable in their further application to the vehicle industry as well as to other cyber-physical vehicle systems (e.g., commercial and military vehicles, trucks, and buses).

INCITS, the InterNational Committee for Information Technology Standards, has also published a number of standards related to cybersecurity, including the INCITS Cyber Security - Common Criteria Package, which provides guidance on evaluation criteria for IT security. It includes the INCITS/ISO/IEC 15408 series as well as the INCITS/ISO/IEC 18045 standard addressing methodologies for IT security evaluations.

Internationally, cyber safety guidance can be found in ISO/IEC 27001:2022, Information Security, Cybersecurity, and Privacy Protection - Information Security Management Systems – Requirements. This document specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization; it also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. It was developed by the International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) Joint Technical Committee (JTC) 1, Subcommittee (SC) 27, Information security, cybersecurity and privacy protection. ANSI holds the secretariat to JTC 1.

To offer organizations a common language and a systematic methodology for managing cybersecurity risk across sectors, the National Institute of Standards and Technology (NIST) has published draft revisions to its Cybersecurity Framework (CSF), and public comments on the draft will be accepted until November 4.

As ANSI previously reported, NIST’s draft Cybersecurity Framework 2.0 was developed after more than a year’s worth of community feedback, reflecting changes in the cybersecurity landscape and making it easier for many different kinds of organizations to put the CSF into practice.

Access more tips and find out more about Cybersecurity Awareness Month on CISA’s website. Cheers to safer cyber lives!

Related News:

NIST Releases Draft of Cybersecurity Framework 2.0
