Back to Top Skip to main content

Cyberfit family: Making cybersecurity understandable for all ages

By making cyber fitness a part of daily routines, families can protect their online information and personal well-being. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Recommended Content:

Technology

From protecting systems and data to regular training updates, cybersecurity is a top priority in the workplace – and it should be at home, too. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Servio Medina, Cyber Security Division Policy Branch lead at the Defense Health Agency, said cybersecurity used to be considered a technological problem, but now it’s viewed as a human knowledge problem and a personal responsibility. The need for cyber awareness goes beyond the workplace and into homes, impacting items ranging from electronic devices to toys, and increasing the importance for people of all ages to be ‘cyberfit,’ as Medina says.

“We do want to empower [people] to not unwittingly compromise their own information and their own well-being,” said Medina while speaking at Defense Health IT Symposium in July. Part of the Military Health System’s role in taking care of families is helping them understand how to protect their online presence, he said.

Cyberfitness, also known as cyber hygiene by the Department of Health and Human Services, is defined as an individual’s health or security when conducting all activities online. Medina called it a readiness issue.

Being cyberfit includes recognizing risky behavior, such as clicking a link in a suspicious email, said Medina. Federal employees are required to take yearly cyber awareness training and comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines for protecting health care information. But roughly 80 percent of cybersecurity breakdowns can be traced back to human error after training, according to a 2015 Department of Defense memo that included a plan to close the gap.

Medina said an increase in awareness and accountability is needed to reduce cyber risks. He draws a parallel with the practices and choices we make every day for overall fitness.

“You should probably get a medical expert’s assessment if you suspect having something worse than a cold, yet we really don’t have the same mindfulness when it comes to cyber practices and choices,” said Medina. The DoD released its 2018 Cyber Strategy, which emphasizes that leaders and their staffs need to be “cyber fluent” so they can understand the cybersecurity implications of their decisions.

“By understanding the consequences of their cybersecurity decisions on the job – and seeking a cybersecurity expert’s assessment – people can be better equipped to use this knowledge in their activities outside the office,” said Medina.

“We at the DHA care about family cyberfitness because innovations are enabling Military Health System beneficiaries to have greater and easier access to electronic health records, communication and prescription tools, and more,” he said. “Without cyberfitness, these health IT innovations might lead to information being misused by mistake or on purpose.”

Medina said military families in particular often face challenges with cyberfitness. Frequent moves and deployments upset routines and social connections. Some parents may become so distracted by the basic details of re-establishing households that they don’t pause to consider what their children – who seem to be positively occupied – may be doing online, he said.

Kelly Blasko, a psychologist and program lead for the mobile app and web program in the Connected Health branch in the Defense Health Agency at Joint Base Lewis-McChord in Washington, referred to video games and online chat rooms as examples of possible security threats facing children and teenagers.

“We tell children not to talk to strangers and that’s usually in a face-to-face situation, but it’s true on the internet as well,” said Blasko, a representative for Military Kids Connect. Cyber predators can target minors through the use of false links that allow access to the computer or accounts used by the child, she warned. “That really puts them at risk.”

Identify theft is often thought of as a problem for adults connected to financial identity, but children can also be targets, Blasko said. “They use the family computer and it might have banking account information or Social Security numbers that could allow someone to open a credit card in the name of a child, and then that ends up being a real problem.”

Medina said it’s important for parents to talk with children about cyberfitness frequently and candidly. He stressed that those conversations can empower children to make smart decisions and understand that cyberfitness is a daily priority. “Begin the conversations when they’re young, with age-appropriate messages on topics like creating strong passwords, safeguarding personal information, and turning to a trusted adult immediately if anything online makes the child uneasy.”

Blasko recommends having the conversation before any security concern comes up. Paying attention to how children and teenagers use the internet, educating them on cyber awareness, and having an open dialogue can allow young people to feel comfortable going to a parent or trusted adult for help, she said.

According to the Department of Homeland Security, children between the ages of 8 and 18 spend an average of seven and a half hours online every day at home, school, and public spaces.

“Practically everyone, young or old, can click into and connect with data, information, and other people,” said Medina. Many household items that rely on an internet connection and may seem mundane – such as security cameras, baby monitors, or wireless devices – can put people at risk for a cybersecurity breach, said Blasko.

Medina said the Defense Health Agency’s health information technology team offers information to ensure cyberfitness at home, including a five-day plan: Day 1 – add strong passwords to devices; Day 2 – clean out mobile apps; Day 3 – protect stored information; Day 4 – share information wisely; and Day 5 – beware of health information fraud.

The DHS campaign, Stop.Think.Connect, offers parent and educator resources for talking about cybersecurity with children.

“We have to protect our military children and families,” said Blasko. “They’re really who we serve and we don’t want them to be jeopardized in any way.”

You also may be interested in...

DHA IPM 18-018: Physical Custody and Control of the DoD Health Record

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (p): • Establishes the Defense Health Agency’s (DHA) procedures for the physical custody and control of DoD Health Records at all DoD Military Treatment Facilities (MTFs) and the management, monitoring, review, and evaluation of DoD Health Record availability at MTFs. • This DHA-IPM is effective immediately and will expire effective 12 months from the date of issue. It must be incorporated into the forthcoming DHA-Procedural Instruction, “Health Records Management”.

Army medical device cyber team balances benefits and risks of technology

Article
11/8/2018
An Army medic positions a patient for a CT scan, which helps radiologists diagnose different types of disease and injuries. Medical devices, such as radiology imaging systems, must now go through a cybersecurity validation process in order to connect to military networks (U.S. Army photo by Staff Sgt. Evelyn Chavez)

The frequency and severity of cybersecurity attacks against the medical community will continue to rise

Recommended Content:

Technology

Cyberfit Family Crossword Puzzle 2018

Publication
11/7/2018

This crossword puzzle provides tips to keep everyone in your family safe online in cyberspace

Recommended Content:

Technology

DHA IPM 18-017: Military Health System (MHS) Information Technology (IT) Investment Management Framework

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (v), establishes Defense Health Agency’s (DHA) procedures to: • Establish the overarching guidance to implement policies and procedures for managing DHA Deputy Assistant Director, Information Operations (DAD IO)/J-6 Defense Health Program (DHP) IT resources. The DHA Investment Management Framework is used as an enabler for MHS leadership to make informed transparent financial decisions associated with the DHA DAD IO/J-6 systems, services, and capabilities and will continue to be used in the foreseeable future. • Provide full and total awareness of all IT across the enterprise ensuring all MHS healthcare-related IT investments are accounted for and integrated both operationally and financially. This includes all IT systems, applications, and devices and all their funding identified to manage a coherent and integrated healthcare capability across the enterprise. • Provide and supersede guidance and instructions previously provided through the Services. As Military Medical Treatment Facilities (MTFs) transition to DHA management and responsibility, procedures in this DHA-IPM will supersede IT systems guidance and instructions previously provided through the Services; including IT systems in all MTFs, clinics, and enterprise services provided to Other Lines-of-Business (OLB), such as training and research, etc. In addition, it supports a coherent and comprehensive catalog of IT capability investments encompassing all IT used to support the MHS mission. • Require that all funding sources, type and Budget Activity Group (BAG), purchasing or supporting any IT must be identified for inclusion in the DHA portfolio of IT capability investments. • Provide superseding guidance and instruction, through this DHA-IPM until a DHA-Procedural Instruction is issued previously provided by the Services in References (w) through (ad), for the MTFs as they are transitioned to DHA management and responsibility. • This DHA-IPM is effective immediately and it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-017
  • Date: 11/6/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

PEO DHMS celebrates National Health IT Week

Article
10/19/2018
The Program Executive Office Defense Healthcare Management Systems logo

Leaders and staff from the PEO DHMS shared their stories about why health IT is important

Recommended Content:

Technology | Military Health System Electronic Health Record | Electronic Health Record Modernization & Interoperability

DHA IPM 18-016: DHA IPM 18 016 Medical Coding of the DoD Health Records

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (s): • Establishes the Defense Health Agency’s (DHA) procedures for centralized oversight, standardized operations, and ensured quality and performance for the coding of DoD Health Records. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire 12 months from the date of issue.

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-015
  • Date: 10/17/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

Encryption Wizard Info

Presentation
10/15/2018

Encryption Wizard (EW) is simple, strong, Java-based file and folder encryption software for protection of sensitive information, such as FOUO, PII, CUI, and Privacy Act data. This Presentation provides complete details about EW.

Recommended Content:

Technology

October 2018 Webinar

Presentation
10/15/2018

October 2018 Webinar

Recommended Content:

Technology

October 2018 EDI RX Claims Overview

Presentation
10/15/2018

Recommended Content:

Technology

October 2018 Post Test

Presentation
10/15/2018

Recommended Content:

Technology

October 2018 CVS Caremark Electronic Billing Process

Presentation
10/15/2018

Recommended Content:

Technology

DHA IPM 18-013: Risk Management Framework (RMF)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (ac): • Incorporates cybersecurity strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation. • Aligns with the Deputy Assistant Director, Information Operations (DAD IO) J-6/Chief Information Officer’s (CIO) key concept of increasing cybersecurity of Defense Health Agency’s (DHA) Information Technology (IT); therefore, robust risk assessment and management is required. • Encompasses lifecycle risk management to determine and manage the residual cybersecurity risk. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-013
  • Date: 10/10/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

Cyberfit Poster: Military Family Readiness 2018

Poster
10/5/2018

This poster urges military personnel to teach their children online safety.

Recommended Content:

Technology

Cyberfit Poster Navy Family 2018

Poster
10/5/2018

This poster urges Navy personnel to teach their children online safety.

Recommended Content:

Technology
<< < 1 2 3 4 5  ... > >> 
Showing results 1 - 15 Page 1 of 8

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing: Download a PDF Reader or learn more about PDFs.