It\u2019s available online<\/strong>, it\u2019s free of cost<\/strong> for everyone, and it\u2019s also accessible from any part of the world<\/strong> so long as you have a reliable internet connection! <\/p>\n\n\n\n Everyone with a computer or that handles any type of sensitive information would benefit from it. In this guide, we\u2019ll explore the key lessons of the DoD cyber challenge and the summary of the entire training materials. <\/p>\n\n\n\n You can complete this cyber awareness challenge training on the official DoD Cyber Awareness Challenge 2020 website.<\/a><\/p>\n\n\n\n Even though its lessons are focusing on securing the nation’s classified data, the cyber awareness challenge contains lots of cybersecurity takeaway for non-military users like you and me.<\/p>\n\n\n\n There are three main sections and their subsections in the DoD Cyber Awareness Challenge tutorials:<\/p>\n\n\n\n Each section has definitions, vulnerabilities, real-life scenarios, and talks about the types of decisions you should make or avoid to prevent a cyber attack<\/a>.<\/p>\n\n\n\n In the government, \u201cspillage<\/a>\u201d is a term that refers to information that\u2019s leaked from a higher classification or protection level to a lower one. A spillage poses a serious risk to national security. Spillage occurs when someone accidentally or intentionally makes an unauthorized data disclosure, data modification, or engages in espionage, which results in loss or degradation of resources or capabilities.<\/p>\n\n\n\n For any type of business or organization that handles sensitive information, it\u2019s crucial that you do everything you can to protect this information \u2014 both for the sake of your customers as well as to remain compliant with laws and regulatory data protection requirements. Some of these regulations include:<\/p>\n\n\n\n But what is considered \u201csensitive information?\u201d Sensitive information includes:<\/p>\n\n\n\n These types of sensitive information must be protected because their leakage can compromise government missions or interests. An example of such sensitive information includes data or information that\u2019s provided by a confidential source (person, commercial business, or foreign government) with the condition it would not be released.<\/p>\n\n\n\n For businesses and healthcare organizations, examples of these types of information include:<\/p>\n\n\n\n Malicious code can be spread by downloading corrupted email attachments and files or visiting infected websites. Malicious code includes viruses, trojan horses, worms, macros, and scripts. They can damage or compromise digital files, erase your hard drive and\/or allow hackers access to your PC or mobile from a remote location.<\/p>\n\n\n\n Here, we have written a summary of cyber awareness challenge training, covering the key takeaway lessons. <\/p>\n\n\n\n Please note that we have included only handpicked the lessons which we deem beneficial to a general audience. It doesn’t have all the teachings of the course, though. To get access to all of that, you must complete the DoD Cyber Awareness Challenge yourself!<\/p>\n\n\n\n Malicious code<\/a> is a term that describes the code that\u2019s used in online forms, scripts, and software that aims to cause harm in some way. To help your employees avoid the risks associated with downloading and installing malicious code, here are some helpful tips:<\/p>\n\n\n\n When you trust your employees to handle customers\u2019 confidential information, they must be aware of the sensitivity of the data and how to protect them. A single act of negligence can be catastrophic. Here are some major takeaways from cyber awareness challenge that you can use to train employees.<\/p>\n\n\n\n Incidents related to insider threats are up 47% since 2018, according to data from the Ponemon Institute and ObserveIT<\/a>.<\/p>\n\n\n\n The term insider threat<\/a> refers to a situation where employees themselves (intentionally or unintentionally) leak the data or execute the cybercrime against the organization. You can\u2019t rule out the possibility of insider threats because employees have tons of information readily available to them on their fingertips. So, as an employer, you must keep an eye on your employees\u2019 activities and also train the staff to recognize the potential threat that may exist among them. We\u2019re not saying that all of your employees are insider threats. However, if someone is going through difficult life circumstances or experiencing persistent interpersonal difficulties, their emotional instability can make them a potential candidate to become one. Observe them and assess whether they\u2019re showing any uncommon or concerning behaviors, such as:<\/p>\n\n\n\n Rather than giving the benefit of the doubt, report any suspicious activity or behavior in accordance with your agency\u2019s insider threat policy.<\/p>\n\n\n\n Of course, there are additional steps you can take to prevent or limit the impact of insider threats:<\/p>\n\n\n\n There are many reasons why physical security<\/a> is so important to organizations \u2014 your colleague could be an insider threat, or some walk-ins or visitors might be spying, eavesdropping or looking for a chance to steal the important data from the files or computer. These occurrences not only happen on military installations but also within the organizations. So, you must be vigilant about your workplace security, too. This means:<\/p>\n\n\n\n Portable devices<\/a> and removable media pose a major security threat to businesses and government organizations alike. They\u2019re easy to use and convenient. However, portable devices also can carry malware from one device to another without the user knowing. So, if you plug an infected device into a new machine, it may install that malware on the new device.<\/p>\n\n\n\n These types of media include flash media, such as thumb drives, memory sticks, and flash drives, external hard drives, optical discs, and external music players like iPods.<\/p>\n\n\n\n So, what can you do to protect your organization?<\/p>\n\n\n\n Your laptop and mobile devices must have stored so many saved credentials for automatic login, personal and professional data and media files. If your organization has provided you laptop or mobile for profession use, it might be a virtual goldmine for attackers. Just by hacking or stealing such devices, the cybercriminal can execute dangerous attacks. That\u2019s why handing your mobile and laptop carefully is a crucial step.<\/p>\n\n\n\n People generally don\u2019t store organization related information in their home computer\/personal computer. However, such personal computers do contain automatic login facilities to email addresses, social media sites, applications, financial institutions\u2019 sites, etc. Hence, the employees must be aware of how to protect their home computers, too.<\/p>\n\n\n\n Note: In the cyber awareness challenge, these tips are derived from the National Security Agency (NSA)’s PDF “Best Practices for Keeping Your Home Network Secure<\/a>.\u201d<\/p>\n\n\n\n Beware of sudden flashing pop-ups warning that your computer is infected with a virus; this might indicate a malicious code attack. <\/p>\n\n\n\n While employers can\u2019t necessarily control what their employees do in their personal time, they can educate them about the dangers of social media and other online platforms. The DoD Cyber Awareness Challenge has a section that provides guidance on the best practices while surfing online.<\/p>\n\n\n\n Here are a few key takeaways from this section of the DoD cyber awareness challenge training:<\/p>\n\n\n\nDoD Cyber Awareness Challenge: Who Can Take It?<\/h3>\n\n\n\n
The Format and Main Content of the DoD Cyber Awareness Challenge<\/h2>\n\n\n\n
![\"Categories](\"https:\/\/sectigostore.com\/blog\/wp-content\/uploads\/2020\/05\/dod-cyber-awareness-challenge-categories.png\")
<\/figure><\/div>\n\n\n\n1) Data Spillage<\/h3>\n\n\n\n
2) Sensitive Information<\/h3>\n\n\n\n
3) Malicious Code<\/h3>\n\n\n\n
Key Lessons for Corporations and Individuals from the DoD Cyber Awareness Challenge<\/h2>\n\n\n\n
Protection Against Malicious Code<\/h3>\n\n\n\n
Best Practices for Protecting Sensitive Information<\/h3>\n\n\n\n
Prevention Against Insider Threats<\/h3>\n\n\n\n
Best Practices for Physical Security in the Workplace<\/h3>\n\n\n\n
Best Practices for Portable Devices and Removable Media<\/h3>\n\n\n\n
Best Practices for Laptops and Mobile Devices<\/h3>\n\n\n\n
Tips for Home Computer Security<\/h3>\n\n\n\n
General Security Tips for Online Behavior Outside the Workplace<\/h3>\n\n\n\n
A Final Word on the DoD Cyber Awareness Challenge<\/h2>\n\n\n\n