Back to Top Skip to main content

Cyberfit family: Making cybersecurity understandable for all ages

By making cyber fitness a part of daily routines, families can protect their online information and personal well-being. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Recommended Content:

Technology

From protecting systems and data to regular training updates, cybersecurity is a top priority in the workplace – and it should be at home, too. By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Servio Medina, Cyber Security Division Policy Branch lead at the Defense Health Agency, said cybersecurity used to be considered a technological problem, but now it’s viewed as a human knowledge problem and a personal responsibility. The need for cyber awareness goes beyond the workplace and into homes, impacting items ranging from electronic devices to toys, and increasing the importance for people of all ages to be ‘cyberfit,’ as Medina says.

“We do want to empower [people] to not unwittingly compromise their own information and their own well-being,” said Medina while speaking at Defense Health IT Symposium in July. Part of the Military Health System’s role in taking care of families is helping them understand how to protect their online presence, he said.

Cyberfitness, also known as cyber hygiene by the Department of Health and Human Services, is defined as an individual’s health or security when conducting all activities online. Medina called it a readiness issue.

Being cyberfit includes recognizing risky behavior, such as clicking a link in a suspicious email, said Medina. Federal employees are required to take yearly cyber awareness training and comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines for protecting health care information. But roughly 80 percent of cybersecurity breakdowns can be traced back to human error after training, according to a 2015 Department of Defense memo that included a plan to close the gap.

Medina said an increase in awareness and accountability is needed to reduce cyber risks. He draws a parallel with the practices and choices we make every day for overall fitness.

“You should probably get a medical expert’s assessment if you suspect having something worse than a cold, yet we really don’t have the same mindfulness when it comes to cyber practices and choices,” said Medina. The DoD released its 2018 Cyber Strategy, which emphasizes that leaders and their staffs need to be “cyber fluent” so they can understand the cybersecurity implications of their decisions.

“By understanding the consequences of their cybersecurity decisions on the job – and seeking a cybersecurity expert’s assessment – people can be better equipped to use this knowledge in their activities outside the office,” said Medina.

“We at the DHA care about family cyberfitness because innovations are enabling Military Health System beneficiaries to have greater and easier access to electronic health records, communication and prescription tools, and more,” he said. “Without cyberfitness, these health IT innovations might lead to information being misused by mistake or on purpose.”

Medina said military families in particular often face challenges with cyberfitness. Frequent moves and deployments upset routines and social connections. Some parents may become so distracted by the basic details of re-establishing households that they don’t pause to consider what their children – who seem to be positively occupied – may be doing online, he said.

Kelly Blasko, a psychologist and program lead for the mobile app and web program in the Connected Health branch in the Defense Health Agency at Joint Base Lewis-McChord in Washington, referred to video games and online chat rooms as examples of possible security threats facing children and teenagers.

“We tell children not to talk to strangers and that’s usually in a face-to-face situation, but it’s true on the internet as well,” said Blasko, a representative for Military Kids Connect. Cyber predators can target minors through the use of false links that allow access to the computer or accounts used by the child, she warned. “That really puts them at risk.”

Identify theft is often thought of as a problem for adults connected to financial identity, but children can also be targets, Blasko said. “They use the family computer and it might have banking account information or Social Security numbers that could allow someone to open a credit card in the name of a child, and then that ends up being a real problem.”

Medina said it’s important for parents to talk with children about cyberfitness frequently and candidly. He stressed that those conversations can empower children to make smart decisions and understand that cyberfitness is a daily priority. “Begin the conversations when they’re young, with age-appropriate messages on topics like creating strong passwords, safeguarding personal information, and turning to a trusted adult immediately if anything online makes the child uneasy.”

Blasko recommends having the conversation before any security concern comes up. Paying attention to how children and teenagers use the internet, educating them on cyber awareness, and having an open dialogue can allow young people to feel comfortable going to a parent or trusted adult for help, she said.

According to the Department of Homeland Security, children between the ages of 8 and 18 spend an average of seven and a half hours online every day at home, school, and public spaces.

“Practically everyone, young or old, can click into and connect with data, information, and other people,” said Medina. Many household items that rely on an internet connection and may seem mundane – such as security cameras, baby monitors, or wireless devices – can put people at risk for a cybersecurity breach, said Blasko.

Medina said the Defense Health Agency’s health information technology team offers information to ensure cyberfitness at home, including a five-day plan: Day 1 – add strong passwords to devices; Day 2 – clean out mobile apps; Day 3 – protect stored information; Day 4 – share information wisely; and Day 5 – beware of health information fraud.

The DHS campaign, Stop.Think.Connect, offers parent and educator resources for talking about cybersecurity with children.

“We have to protect our military children and families,” said Blasko. “They’re really who we serve and we don’t want them to be jeopardized in any way.”

You also may be interested in...

Medical tools, supplies 3D printed in desert deployment

Article
11/1/2019
Army Lt. Col. Jason Barnhill, a faculty member of West Point and the Uniformed Services University’s Department of Radiology, poses for a photo with a 3D printer capable of biofabrication that could expedite repair or perhaps replace damaged tissues for troops injured on the battlefield. (Courtesy photo)

3D printing provides the ability to produce tailored health care solutions

Recommended Content:

Technology

State of the art procedure is the first within DoD

Article
10/28/2019
Retired Capt. Eugene Chalaire was the first to undergo an intricate cancer-preventive procedure performed at Womack Army Medical Center this summer. Womack is the first within the DoD to offer this service. (U.S. Army photo)

Only a handful of medical centers in the United States perform this surgery

Recommended Content:

Technology | Military Hospitals and Clinics

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-015
  • Date: 9/23/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA IPM 18-011: Video Network Center (VNC) Endpoint Standards

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (g): - Provides guidance for video network endpoint standards required for sites to connect to the Defense Health Agency (DHA) VNC network. These standards will help ensure security compliance, efficiency, and best practices are maintained across the DHA network. Meeting certification requirements brings many benefits, including: increased assurances of a successful video teleconference (VTC) experience, full access to bridge and point-to-point calls, and access to peer video networks, including the Department of Veterans Affairs, academia, and industry partners. Compliance with stated standards does not preclude users connecting to other DoD approved networks. - This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-011
  • Date: 9/20/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA IPM 18-013: Risk Management Framework (RMF)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (ac): • Incorporates cybersecurity strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation. • Aligns with the Deputy Assistant Director, Information Operations (DAD IO) J-6/Chief Information Officer’s (CIO) key concept of increasing cybersecurity of Defense Health Agency’s (DHA) Information Technology (IT); therefore, robust risk assessment and management is required. • Encompasses lifecycle risk management to determine and manage the residual cybersecurity risk. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-013
  • Date: 9/20/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

Special Needs Program Management Information System (SNPMIS)

Fact Sheet
8/15/2019

SNPMIS documents and reports on services provided to TRICARE patients with special needs.

Recommended Content:

Technology | Solution Delivery Division

DHA IPM 18-007: Service Delivery Management Program

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (e): - Establishes the Defense Health Agency’s (DHA) procedures for implementing and managing high quality information technology (IT) services by the Chief Information Officer (CIO), Deputy Assistant Director Information Operations (DAD IO/J-6), Military Health System (MHS). The DHA Service Delivery Management program provides customers requesting IT services from the DAD IO/J-6 or Defense Information Systems Agency service catalogs with an on-demand, automated system that provides a single-entry point to submit service requests. The automated system enables DAD IO/J-6 to align business needs and use repeatable and scalable processes to holistically track, manage, and report on customer submitted requests for IT services from submission to fulfillment. - Is binding on DoD Components and supports the Director’s, DHA, responsibility to develop appropriate management models to maximize efficiencies in the activities carried out by the DHA. - This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction (DHA-PI). This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-007
  • Date: 8/7/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA PI 3201.05: Technology Transfer (T2) Program

Policy

This Defense Health Agency-Procedural Instruction (DHA-PI) based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (t), establishes responsibilities, procedures, and guidance for the Defense Health Agency’s (DHA) T2 program.

  • Identification #: 3201.05
  • Date: 6/20/2019
  • Type: DHA Procedural Instruction
  • Topics: Technology

Nutrition Management Information System (NMIS)

Fact Sheet
6/19/2019

NMIS is a fully integrated nutrition management system supporting military readiness and the war fighter worldwide.

Recommended Content:

Technology | Solution Delivery Division

Defense Occupational and Environmental Health Readiness System – Hearing Conservation (DOEHRS-HC)

Fact Sheet
6/17/2019

The Defense Occupational and Environmental Health Readiness System – Hearing Conservation (DOEHRS-HC) is an information system designed to support personal auditory readiness and help prevent hearing loss through early detection.

Recommended Content:

Technology | Hearing Loss | Solution Delivery Division

Military Health System (MHS) Population Health Portal (PHP)

Fact Sheet
6/11/2019

Military Health System (MHS) Population Health Portal (PHP) Fact Sheet

Recommended Content:

Technology | Solution Delivery Division

Expense Assignment System (EAS IV)

Fact Sheet
6/11/2019

EAS IV is a Web-based tool essential to the Department of Defense because it assists the Defense Health Agency in identifying the total cost of providing health care to TRICARE patients.

Recommended Content:

Technology | Solution Delivery Division

Coding and Compliance Editor (CCE)

Fact Sheet
6/11/2019

CCE supports the Department of Defense efforts to improve coding accuracy and reimbursements for inpatient and outpatient services.

Recommended Content:

Technology | Solution Delivery Division

Patient Encounter Processing and Reporting (PEPR)

Fact Sheet
6/11/2019

PEPR allows analysis of purchased care claims data created by the TRICARE Managed Care Support Contractors.

Recommended Content:

Technology | Solution Delivery Division

BATDOK improves, tailors to deployed medics

Article
6/7/2019
Air Force Chief Master Sgt. Robert Bean, a pararescueman, demonstrates how BATDOK can be worn on the wrist, providing awareness of the health status of multiple patients. (U.S. Air Force photo)

BATDOK is under user evaluations by Air Force Pararescuemen and Army Rangers

Recommended Content:

Technology
<< < 1 2 3 4 5  ... > >> 
Showing results 1 - 15 Page 1 of 8

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing: Download a PDF Reader or learn more about PDFs.