US flag signifying that this is a United States Federal Government website   Official website of the Department of Homeland Security

Secretary Janet Napolitano's Remarks at the Michigan Cyber Security Summit / National Cyber Security Awareness Month Kick-Off Event

Release Date: 
October 7, 2011

Ypsilanti, Michigan
(Remarks as Prepared)

Introduction

Thanks for the introduction. Good morning everyone.

I want to extend my thanks to Governor Snyder and the State of Michigan for hosting this event, to highlight the importance of cybersecurity and the partnerships that are so critical to building our nation's cyber resiliency. I also want to thank the National Cyber Security Alliance and the Multi-State Information and Analysis Center for all you've done to elevate cybersecurity awareness here in Michigan and across our country.

And it's also good to see my friends Representative Dingell, Representative Rogers, and Howard Schmidt here today, all strong partners and proponents of our cybersecurity efforts at the Department of Homeland Security and across government. In addition, I know we have a number of students and student groups here in the audience, including Digital Inclusion, Ann Arbor Teens for Kids, and students from Eastern Michigan University. Thank you for coming and also for doing your part in schools and communities to improve cyber awareness and security.

Finally, I want to thank all of the cyber security professionals who have joined us here today. Your expertise is critical to our ability to address the emerging and evolving threat that we as a nation face in cyberspace.

Importance of Cybersecurity / Shared Responsibility

Today we're here to kick-off National Cyber Security Awareness Month and highlight the Stop.Think.Connect. campaign. Together, these initiatives highlight the role that each of us must play in securing cyberspace.

Few of us need to be reminded of the impact cyberspace has on our lives. From the kitchen table to the classroom, from business transactions to essential government operations and services, cybersecurity is an issue that touches all of us. Whether you checked your smartphone this morning to read the news or signed-on to your bank account online or used a GPS system to make sure you didn't get lost on your way here, we all rely on these devices and the networks on which they run.

As more and more daily functions rely on digital systems, the importance and necessity of protecting our computers, mobile devices, and networks will only continue to increase. And this isn't just an issue for consumers. While the vast majority of the nation's cyber infrastructure resides in private hands, the national security and economic risks associated with these assets are so important that their protection requires a close partnership between government and the private sector to protect and defend them.

We need everyone, including our industry partners and the general public to do their part, which is why events like the 2011 Michigan Cyber Summit are so important.

And I'd like to take a moment to applaud the State of Michican and the Governor for the steps you're taking to enhance cybersecurity. That includes launching a comprehensive cyber security initiative to help protect families, communities, businesses, and government. Michigan is also a leader when it comes to providing cyber security information and tools to business and the public, and creating a culture of cybersecurity through educational programs and public-private partnerships.

Along with citizen engagement and action, we need a growing and dedicated field of experts – like many of you in this room – who can help us bridge the security gaps that exist, protect our critical cyber infrastucture, and create a more resiliant culture when it comes to the web.

NCSAM / Stop.Think.Connect

National Cyber Security Awareness Month gives DHS and its public and private sector partners an annual platform to remind the public of the importance of cybersecurity.

The month of October will focus on several key areas that are essential to achieving our cybersecurity mission:

  • The urgent need to develop and enhance cyber education programs to train tomorrow's cyber workforce. We need our nation's best and brightest working to address evolving cyber threats, and that requires strong education programs as well as a pipeline to employment in cyber-related fields.
  • National and local efforts to prevent identity theft and other cyber crimes. Today, the same systems we use to download music, book travel, or pay our bills are targets for criminals seeking to steal identities or facilitate illegal activity. We all need to do our part to create a safer cyberspace that ensures the integrity of on-line transactions and helps prevent cybercrime.
  • And we will focus on strategies that small- and medium-sized business owners can use to bolster their own cybersecurity defenses.
  • It is also crucial that we remind all Americans about the importance of taking collective action to protect these systems from accidental or deliberate attacks and disruptions.

As leaders in this field, many of you have a trusted voice to bring to this conversation – and I urge all of you to help us spread the word about personal cyber security.

DHS and Federal Actions

To do our part, DHS is building our national operational capabilities and deploying sophisticated cybersecurity technology in defense of our federal departments and agencies.

At DHS, our operational cybersecurity mission is two-fold:

  • We are responsible for securing unclassified networks for Federal Executive Branch civilian departments and agencies (the .gov domain).
  • We also work with owners and operators of critical infrastructure and key resources to support cybersecurity preparedness through risk assessment, mitigation, and incident response capabilities.

Over the past two and a half years, we have worked closely with our partners to enhance the federal government's capacity to protect against cyber threats in a number of ways.

We have prioritized the protection of the nation's Critical Infrastructure and Key Resources by emphasizing the connection between physical and cybersecurity. In plain English, this means recognizing that what happens in the digital world of cyberspace increasingly impacts the physical world of buildings and factories and transportation systems, and vice versa. They are part and parcel of each other, and we must protect both together.

For this reason, we have implemented a comprehensive program designed to assist in the protection of the industrial control systems that help operate our power grid, manufacturing systems, and other essential components of our society.We are now working with thousands of security professionals and partners to promote good cybersecurity practices, conducting assessments, and publishing tools to assist facility owners in identifying vulnerabilities.

And we are fielding Industrial Control System Cyber Emergency Response Teams (ICS-CERT) that can be quickly deployed to assist critical infrastructure owners and operators in evaluating attacks and preventing intrusions from escalating.

Critical to many of these capabilities is the National Cybersecurity and Communications Integration Center (NCCIC), which serves as the nation's principal hub for organizing cyber response efforts and maintaining a common operational picture for key stakeholders.

These assets, combined with other resources from law enforcement, the intelligence community, state, local and tribal governments, and the private sector, provide better situational awareness and a central platform to address threats to civilian government networks and our nation's critical infrastructures and key resources.

But we're not only making sure that federal networks are secure; we are also working with public, private, and academic partners, like those of you assembled here, to promote cybersecurity awareness.

And we're looking to the future to be sure that we're prepared for evolving cyber threats. The DHS Science & Technology Directorate is leading efforts to develop and deploy more secure internet protocols that protect consumers and industry internet users.

DHS remains committed to building and sustaining a world-class cybersecurity team by hiring a diverse group of cybersecurity professionals, including computer engineers, scientists, and analysts to execute this complex and challenging mission. Through the Cybersecurity Workforce Initiative, DHS is working with universities to build a cadre of cybersecurity professionals through competitive scholarship, fellowship, and internship programs to attract top talent in this field.

Finally, we're working with Congress to pass legislation that would improve the overall cybersecurity posture of federal departments and agencies that Americans rely on for various services. This legislation also would enhance collaboration with the private sector by authorizing a combination of voluntary and mandatory programs to protect critical infrastructure, while removing barriers to information sharing.

We delivered a proposal to Congress seeking these goals and we're looking forward to working with them to move it forward.

What You Can Do

At the end of the day, however, cybersecurity is really about people. The most impressive and sophisticated technology will be worthless if it's not operated and maintained by informed and conscientious users.

That is why at DHS we have continued to develop educational programs for those who are already working in cybersecurity as well as those who are still in school. We have made it a priority to provide those on the front lines with the information, tools and resources necessary to reduce the cyber risk to our nation.

But while we've made significant advances, more needs to be done –and we need your help. We need your voices and your support as we work to spread the word about cyber security.

What we are asking you to help communicate is simple: by taking a few basic steps to keep yourself and your family safe online, everyone can help secure cyberspace. That is the message of the Stop.Think.Connect. campaign.

And anyone can start today by incorporating responsible behaviors into your daily life. For example:

  • Keep your operating system and browser up-to-date, and learn about their security features;
  • Choose strong passwords, keep them confidential, and change them regularly;
  • Don't open unknown email attachments; and
  • Review the privacy settings of social networking sites, cell phones, and other social tools you and your children use.

Each of us must Stop and Think about cybersecurity before we Connect.

For many of you, these practices are already a part of your daily routine, but we need to encourage this type of security thinking for every American. As I have said many times before, homeland security begins with hometown security; and that saying certainly applies to our increasingly interconnected online community.

Every compromised computer—at home or at work—can potentially be used by those who would do us harm. If each of us become more aware of cybersecurity risks and implements a few easy steps on our home and business computers, we can make a big difference.

Conclusion

So we hope you will help us continue to spread the word about the risks associated with cyber activity and how to stay safe online. That includes remembering three simple words the next time you log on to your computer: Stop.Think.Connect.

  • Stop—because going on-line is an everyday activity that poses risks.
  • Think—because the power to prevent cybersecurity problems resides with each of us.
  • Connect—because cyberspace has become a resource with incredible benefits for our society and tremendous untapped potential for learning, entertainment and economic development.

And after we ensure that our computers are safe and secure throughout October, let's continue to protect them throughout the year.

Thank you for your commitment and dedication to this critically important issue. And thank you for your continued partnership as we protect our nation's cyber systems and networks.

Back to Top