Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

❮   Back to News

October 25, 2021

Is Your TV Listening to You? Cyber Tips from a Chief Information Security Officer

By Paul Cunningham, Chief Information Security Officer, Department of Veterans Affairs

Tags:

The Nation’s response to the pandemic has highlighted that our society not only uses technology but is also profoundly reliant on technology in our daily lives. We can go to work, school, shop, work out, and watch newly released movies all from the comfort of our home. We have come to embrace that convenience of access, and the wealth of information technology brings to our fingertips.

When new technology becomes available, we are often amazed and excited to incorporate it into our lives. However, that amazement quickly becomes an expectation for reliability, and the excitement turns to a yearning for more innovation. Our technological thirst drives the information technology sector and a digital economy worth over $11 trillion globally. We generate 2.5 quintillion bytes of data daily and by 2025, there will be 75 billion connected devices in the world.

Yet, in our efforts to satisfy this drive for greater innovation, we often overlook the risks that come with deploying cutting-edge technology while sustaining what we already have. We have come to expect that security is already built-in and that it will operate “automagically” to keep us safe. Unfortunately, that is not the case. Indeed, manufacturers will do their part to provide security in their products. Most technologies offer some degree of protection in their products, but we need to actively configure it and keep it up to date to get the most of it.

To keep our digital presence safe, we need to keep a digitally secure mindset. For example, at work, a dedicated and experienced team of professionals maintains a secure environment for us, but they still need us to operate in the environment securely. Likewise, we need to maintain a secure environment and keep a cybersecurity-aware mindset when leveraging technology in our personal lives. We must do our part in keeping our networks safe and avoid potentially risky behaviors. We must also exercise caution when sharing our digital information with others at work, at home, or on publicly available networks.

Six cyber principles for everyday life:

Identify your most important and sensitive information and secure it.
This point may seem obvious, but many overlook it in daily practice. Make sure to back up important photos and files. Keep sensitive information like your tax, financial, or health information off the computer and on a removable device. Only place the removal device on the network when you need it.

Ensure you keep your computer, home network, and other technologies secure.
Have you configured them correctly, or do they still have their default settings in place? Are you keeping them updated and maintained to your standards? Refer to the user manuals or online cybersecurity sources to better help secure your technology.

Remain cybersecurity aware when you use new technologies or applications.
Often new capabilities rely on analysis of your data on someone else’s networks. In other cases, the technology company will want to reuse your information or sell your information to offset operational costs. It is essential to understand how the technology works and how it uses your data. You may have to look a little closer at those user agreements before you install an application. Be sure you agree with how the technology works. Ask yourself those tough questions. For instance, are you comfortable with Alexa or Siri listening to your conversations? Or do you know what information that free application is accessing on your phone?

Be mindful of the risks you take and mitigate them where you can.
Most people find it convenient to engage with others through digital platforms. So, when and where we can, we should take a moment and consider the hidden risks before we act. Make sure you are using the right platform when sharing sensitive information. Avoid using public Wi-Fi spots for online banking or other personal matters. If you are still relying on passwords for authentication, you may want to see if an alternate form of stronger authentication is available.

Be aware how applications are accessing information and when.
For instance, some applications will gather information even when you are not directly using them. Applications may also be accessing your microphone, camera, or photos without your full awareness. Be curious about the information that your applications are accessing and consider how that the developer of that application may use that information without your knowledge. Be skeptical and ask the tough questions.

Remain cyber-aware and up to date.
There are a lot of resources available to help keep you current and secure. Some hardware and software manufacturers provide online instructions on how to change default settings and receive periodic updates. Your Internet Service Provider (ISP) may provide additional guidance on securing your home network. You may also purchase security support services to protect your network and internet activities. And you may want to obtain credit monitoring and identity theft protection services as an additional safeguard.

While technology continues bringing convenience and new capabilities to our daily lives, we need to ensure that security is part of our plan. We must take an active role in protecting our technology assets and data. Please don’t leave it to chance. “Do your part and #BeCyberSmart.”

❮   Back to News

CIO.gov

An Official website of the Federal Government

Looking for U.S. government information and services?
Visit USA.gov