Back to Top Skip to main content

Cyberfit family: Making cybersecurity understandable for all ages

By making cyber fitness a part of daily routines, families can protect their online information and personal well-being. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Recommended Content:

Technology

From protecting systems and data to regular training updates, cybersecurity is a top priority in the workplace – and it should be at home, too. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Servio Medina, Cyber Security Division Policy Branch lead at the Defense Health Agency, said cybersecurity used to be considered a technological problem, but now it’s viewed as a human knowledge problem and a personal responsibility. The need for cyber awareness goes beyond the workplace and into homes, impacting items ranging from electronic devices to toys, and increasing the importance for people of all ages to be ‘cyberfit,’ as Medina says.

“We do want to empower [people] to not unwittingly compromise their own information and their own well-being,” said Medina while speaking at Defense Health IT Symposium in July. Part of the Military Health System’s role in taking care of families is helping them understand how to protect their online presence, he said.

Cyberfitness, also known as cyber hygiene by the Department of Health and Human Services, is defined as an individual’s health or security when conducting all activities online. Medina called it a readiness issue.

Being cyberfit includes recognizing risky behavior, such as clicking a link in a suspicious email, said Medina. Federal employees are required to take yearly cyber awareness training and comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines for protecting health care information. But roughly 80 percent of cybersecurity breakdowns can be traced back to human error after training, according to a 2015 Department of Defense memo that included a plan to close the gap.

Medina said an increase in awareness and accountability is needed to reduce cyber risks. He draws a parallel with the practices and choices we make every day for overall fitness.

“You should probably get a medical expert’s assessment if you suspect having something worse than a cold, yet we really don’t have the same mindfulness when it comes to cyber practices and choices,” said Medina. The DoD released its 2018 Cyber Strategy, which emphasizes that leaders and their staffs need to be “cyber fluent” so they can understand the cybersecurity implications of their decisions.

“By understanding the consequences of their cybersecurity decisions on the job – and seeking a cybersecurity expert’s assessment – people can be better equipped to use this knowledge in their activities outside the office,” said Medina.

“We at the DHA care about family cyberfitness because innovations are enabling Military Health System beneficiaries to have greater and easier access to electronic health records, communication and prescription tools, and more,” he said. “Without cyberfitness, these health IT innovations might lead to information being misused by mistake or on purpose.”

Medina said military families in particular often face challenges with cyberfitness. Frequent moves and deployments upset routines and social connections. Some parents may become so distracted by the basic details of re-establishing households that they don’t pause to consider what their children – who seem to be positively occupied – may be doing online, he said.

Kelly Blasko, a psychologist and program lead for the mobile app and web program in the Connected Health branch in the Defense Health Agency at Joint Base Lewis-McChord in Washington, referred to video games and online chat rooms as examples of possible security threats facing children and teenagers.

“We tell children not to talk to strangers and that’s usually in a face-to-face situation, but it’s true on the internet as well,” said Blasko, a representative for Military Kids Connect. Cyber predators can target minors through the use of false links that allow access to the computer or accounts used by the child, she warned. “That really puts them at risk.”

Identify theft is often thought of as a problem for adults connected to financial identity, but children can also be targets, Blasko said. “They use the family computer and it might have banking account information or Social Security numbers that could allow someone to open a credit card in the name of a child, and then that ends up being a real problem.”

Medina said it’s important for parents to talk with children about cyberfitness frequently and candidly. He stressed that those conversations can empower children to make smart decisions and understand that cyberfitness is a daily priority. “Begin the conversations when they’re young, with age-appropriate messages on topics like creating strong passwords, safeguarding personal information, and turning to a trusted adult immediately if anything online makes the child uneasy.”

Blasko recommends having the conversation before any security concern comes up. Paying attention to how children and teenagers use the internet, educating them on cyber awareness, and having an open dialogue can allow young people to feel comfortable going to a parent or trusted adult for help, she said.

According to the Department of Homeland Security, children between the ages of 8 and 18 spend an average of seven and a half hours online every day at home, school, and public spaces.

“Practically everyone, young or old, can click into and connect with data, information, and other people,” said Medina. Many household items that rely on an internet connection and may seem mundane – such as security cameras, baby monitors, or wireless devices – can put people at risk for a cybersecurity breach, said Blasko.

Medina said the Defense Health Agency’s health information technology team offers information to ensure cyberfitness at home, including a five-day plan: Day 1 – add strong passwords to devices; Day 2 – clean out mobile apps; Day 3 – protect stored information; Day 4 – share information wisely; and Day 5 – beware of health information fraud.

The DHS campaign, Stop.Think.Connect, offers parent and educator resources for talking about cybersecurity with children.

“We have to protect our military children and families,” said Blasko. “They’re really who we serve and we don’t want them to be jeopardized in any way.”

You also may be interested in...

Wrap your mind around this

Article
1/16/2019
Army Spc. Anne Veiman, 452d Combat Support Hospital, demonstrates the capabilities of the InfraScanner handheld TBI detector on Kuwaiti army Col. Raed Altajalli, assistant director of Kuwait North Military Medical Complex in Al Jahra, Kuwait City, Kuwait. (U.S. Army photo by Sgt. Connie Jones)

This tool would be particularly helpful in a combat environment

Recommended Content:

Technology | Building Partner Capacity and Interoperability

DHA IPM 19-001: Lifecycle Management Services (LCMS) Information Technology (IT) Asset Management (AM)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (p), establishes the Defense Health Agency’s (DHA) procedures for implementing and managing IT assets and LCMS/Enterprise Activity functions by the Chief Information Officer (CIO), Deputy Assistant Director, Information Operations (DAD IO)/J-6 for the Military Health System (MHS). This DHA-IPM: • Is binding on DoD Components and supports the Director, DHA, responsibility to develop appropriate management models to maximize efficiencies in the activities carried out by the DHA. • Is effective immediately and will expire 12 months from date of signature. It must be incorporated into a DHA-Procedural Instruction; reviewed annually and updated as determined by the CIO.

  • Identification #: 19-001
  • Date: 1/15/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

Solution Delivery Division

Fact Sheet
12/11/2018

To deliver information technology solutions to the Military Health System through expert acquisition program management, process reengineering, information translation and sharing, training, and integration activities in order to support and advance the delivery of health care to our patients.

Recommended Content:

Technology

Cyber fitness, awareness key during ‘season of shopping’

Article
11/22/2018
Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’

During a popular time of year for shopping, consumers should be aware of scams or fraudulent activity targeting shoppers and email users, experts say. Taking small steps every day to protect information online can make a big difference in the long-term future.

Recommended Content:

Technology | Secure Messaging

Army medical device cyber team balances benefits and risks of technology

Article
11/8/2018
An Army medic positions a patient for a CT scan, which helps radiologists diagnose different types of disease and injuries. Medical devices, such as radiology imaging systems, must now go through a cybersecurity validation process in order to connect to military networks (U.S. Army photo by Staff Sgt. Evelyn Chavez)

The frequency and severity of cybersecurity attacks against the medical community will continue to rise

Recommended Content:

Technology

DHA IPM 18-018: Physical Custody and Control of the DoD Health Record

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (p): • Establishes the Defense Health Agency’s (DHA) procedures for the physical custody and control of DoD Health Records at all DoD Military Treatment Facilities (MTFs) and the management, monitoring, review, and evaluation of DoD Health Record availability at MTFs. • This DHA-IPM is effective immediately and will expire effective 12 months from the date of issue. It must be incorporated into the forthcoming DHA-Procedural Instruction, “Health Records Management”.

Cyberfit Family Crossword Puzzle 2018

Publication
11/7/2018

This crossword puzzle provides tips to keep everyone in your family safe online in cyberspace

Recommended Content:

Technology

DHA IPM 18-017: Military Health System (MHS) Information Technology (IT) Investment Management Framework

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (v), establishes Defense Health Agency’s (DHA) procedures to: • Establish the overarching guidance to implement policies and procedures for managing DHA Deputy Assistant Director, Information Operations (DAD IO)/J-6 Defense Health Program (DHP) IT resources. The DHA Investment Management Framework is used as an enabler for MHS leadership to make informed transparent financial decisions associated with the DHA DAD IO/J-6 systems, services, and capabilities and will continue to be used in the foreseeable future. • Provide full and total awareness of all IT across the enterprise ensuring all MHS healthcare-related IT investments are accounted for and integrated both operationally and financially. This includes all IT systems, applications, and devices and all their funding identified to manage a coherent and integrated healthcare capability across the enterprise. • Provide and supersede guidance and instructions previously provided through the Services. As Military Medical Treatment Facilities (MTFs) transition to DHA management and responsibility, procedures in this DHA-IPM will supersede IT systems guidance and instructions previously provided through the Services; including IT systems in all MTFs, clinics, and enterprise services provided to Other Lines-of-Business (OLB), such as training and research, etc. In addition, it supports a coherent and comprehensive catalog of IT capability investments encompassing all IT used to support the MHS mission. • Require that all funding sources, type and Budget Activity Group (BAG), purchasing or supporting any IT must be identified for inclusion in the DHA portfolio of IT capability investments. • Provide superseding guidance and instruction, through this DHA-IPM until a DHA-Procedural Instruction is issued previously provided by the Services in References (w) through (ad), for the MTFs as they are transitioned to DHA management and responsibility. • This DHA-IPM is effective immediately and it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-017
  • Date: 11/6/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

PEO DHMS celebrates National Health IT Week

Article
10/19/2018
The Program Executive Office Defense Healthcare Management Systems logo

Leaders and staff from the PEO DHMS shared their stories about why health IT is important

Recommended Content:

Technology | Military Health System Electronic Health Record | Electronic Health Record Modernization & Interoperability

DHA IPM 18-016: DHA IPM 18 016 Medical Coding of the DoD Health Records

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (s): • Establishes the Defense Health Agency’s (DHA) procedures for centralized oversight, standardized operations, and ensured quality and performance for the coding of DoD Health Records. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire 12 months from the date of issue.

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-015
  • Date: 10/17/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

October 2018 CVS Caremark Electronic Billing Process

Presentation
10/15/2018

Recommended Content:

Technology

October 2018 Post Test

Presentation
10/15/2018

Recommended Content:

Technology

Encryption Wizard Info

Presentation
10/15/2018

Encryption Wizard (EW) is simple, strong, Java-based file and folder encryption software for protection of sensitive information, such as FOUO, PII, CUI, and Privacy Act data. This Presentation provides complete details about EW.

Recommended Content:

Technology

October 2018 Webinar

Presentation
10/15/2018

October 2018 Webinar

Recommended Content:

Technology
<< < 1 2 3 4 5  ... > >> 
Showing results 1 - 15 Page 1 of 8

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing. Download a PDF Reader or learn more about PDFs.