Back to Top Skip to main content

Cyber fitness is everyone's responsibility today

Servio Medina from the Cyber Policy Branch of the Defense Health Agency speaks at DHITS 2018 on the need for exercising cyber fitness practices in today's technology driven life. Servio Medina from the Cyber Policy Branch of the Defense Health Agency speaks at DHITS 2018 on the need for exercising cyber fitness practices in today's technology driven life.

Recommended Content:

Defense Health Agency | Technology | DHITS 2019

Taking care of our physical self and personal hygiene – working out, eating well, and washing up – is a normal part of our daily lives. If we put the same effort into making sure we’re ‘in shape’ in the cyber world, we could make a big difference in protecting our personal information. 

Not too long ago, cybersecurity was considered someone else’s problem. But it’s not a technological problem, it’s a human knowledge problem and a personal responsibility, Servio Medina, acting chief of Cyber Security Division Policy Branch at Defense Health Agency, said.

“[That notion] reflected a time that is behind us [and] needs to be behind us,” Medina said, speaking at the Defense Health IT Symposium in Orlando, Florida, on July 25. “We have to acknowledge that a change in one context can impact another context.”

While some people receive cyber awareness training as part of their job, not all 9.4 million beneficiaries in the Military Health System do. Cybersecurity goes beyond the workplace and into homes, impacting everything from toys to video game chat rooms to email, and it’s important for people of all ages to be ‘cyberfit,’ as Medina says. The Health and Human Services department refers to this concept as cyber hygiene, and defines it as an individual’s health, or security, when conducting all activities online.

Without the right training or knowledge, anyone can accidentally fall victim to cybersecurity problems, or make personal information vulnerable. 

“We do want to empower [people] to not unwittingly compromise their own information and their own wellbeing,” said Medina. Part of the Military Health System’s role in taking care of families is helping them understand how to protect their online presence, he said. 

Being cyberfit includes recognizing risky behavior, such as clicking a link in a suspicious email. Simple acts, like walking away from an unlocked computer or not having a passcode on a phone, accounts for more than half of all data breaches according to the Society of Human Resource Professionals.  Additional cyberfit tips include:

  • Avoid phishing. Don’t open e-mails or links from an unknown source, and don’t reply to requests for personal or medical information.
  • Being social online also means you’re global. Think carefully before posting anything on the internet, and remember social media and websites can be tracked and hacked.
  • Use caution when using public Wi-Fi. While it’s convenient, it’s usually unsecure.

Password protecting devices and applications, using reliable malware software, avoiding unsecure networks to share personal information, and avoiding public Wi-Fi networks can help protect personal information. In addition, beneficiaries can protect their health information by using a secure messaging portal through a provider to share health information and carefully checking health care statements to avoid fraud or scams.

Medina said people sometimes need nudges, such as pop-up notifications indicating the security certificate of a website and caution to proceed at risk.

“It takes repeated training, it takes nudges, it takes effective training, but it takes more than that, too,” said Medina, believing it takes three months to change a habit, six months to change a behavior, and a year to change a lifestyle. 

“It takes us to recognize that most incidents trace back to some sort of behavior,” said Medina, referring to a 2015 Department of Defense memo stated roughly 80 percent of cybersecurity breakdowns can be traced back to humans – even after training, said Medina. Most of these cases come down to ignorance, willful neglect, poor judgement, ineffective policy, or criminal intent, he said.

Cybersecurity can dramatically impact the family wellbeing, and when the wellbeing of the family is affected, the readiness of service members and their ability to complete their mission can also be impacted, Medina said.

“[I]t wasn’t too long ago that cybersecurity was someone else’s problem,” said Medina. “We can’t have that mindset anymore. Cybersecurity is really, in a way, everybody’s responsibility today.” 

You also may be interested in...

Improvement of Administration of DHA And MTFs

Congressional Testimony
11/21/2019

H.R. 5516, NDAA for FY 2019, Section 711(c) (Defense Health Command)

Recommended Content:

Defense Health Agency | Military Hospitals and Clinics

Artificial intelligence makes its way to dermatology clinic

Article
11/18/2019
Air Force Maj. Thomas Beachkofsky, 6th Health Care Operations Squadron dermatologist, uses a body scanner microscope to take a picture of a spot on his arm at MacDill Air Force Base, Florida. A new software upgrade allows a complex algorithm to analyze an image captured with a camera and rate the severity of the spot for a dermatologist to review. (U.S. Air Force photo by Senior Airman Adam R. Shanks)

The software was able to correctly identify 95% of malignant skin tumors

Recommended Content:

Military Hospitals and Clinics | Technology

Solution Delivery Division

Fact Sheet
11/12/2019

The mission of Solution Delivery Division (SDD) is enhancing Health Service Delivery through exceptional Information and Technology.

Recommended Content:

Technology

Medical tools, supplies 3D printed in desert deployment

Article
11/1/2019
Army Lt. Col. Jason Barnhill, a faculty member of West Point and the Uniformed Services University’s Department of Radiology, poses for a photo with a 3D printer capable of biofabrication that could expedite repair or perhaps replace damaged tissues for troops injured on the battlefield. (Courtesy photo)

3D printing provides the ability to produce tailored health care solutions

Recommended Content:

Technology

State of the art procedure is the first within DoD

Article
10/28/2019
Retired Capt. Eugene Chalaire was the first to undergo an intricate cancer-preventive procedure performed at Womack Army Medical Center this summer. Womack is the first within the DoD to offer this service. (U.S. Army photo)

Only a handful of medical centers in the United States perform this surgery

Recommended Content:

Technology | Military Hospitals and Clinics

Third Quarter Report Army Corps of Engineers Projects within the Defense Health Agency

Congressional Testimony
10/4/2019

H.R. 1625 DoD Approps Act FY 2018 Joint Explanatory Statement, Pg. 998

Recommended Content:

Defense Health Agency

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-015
  • Date: 9/23/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA IPM 18-011: Video Network Center (VNC) Endpoint Standards

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (g): - Provides guidance for video network endpoint standards required for sites to connect to the Defense Health Agency (DHA) VNC network. These standards will help ensure security compliance, efficiency, and best practices are maintained across the DHA network. Meeting certification requirements brings many benefits, including: increased assurances of a successful video teleconference (VTC) experience, full access to bridge and point-to-point calls, and access to peer video networks, including the Department of Veterans Affairs, academia, and industry partners. Compliance with stated standards does not preclude users connecting to other DoD approved networks. - This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-011
  • Date: 9/20/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA IPM 18-013: Risk Management Framework (RMF)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (ac): • Incorporates cybersecurity strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation. • Aligns with the Deputy Assistant Director, Information Operations (DAD IO) J-6/Chief Information Officer’s (CIO) key concept of increasing cybersecurity of Defense Health Agency’s (DHA) Information Technology (IT); therefore, robust risk assessment and management is required. • Encompasses lifecycle risk management to determine and manage the residual cybersecurity risk. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-013
  • Date: 9/20/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

A change in leadership for the Defense Health Agency

Article
9/3/2019
Army Lt. Gen. Ronald Place, the incoming director of the Defense Health Agency, previously served in DHA as director of the National Capital Region Medical Directorate, the transitional Intermediate Management Organization, and the interim assistant director for health care administration. (MHS photo)

Army Lt. Gen. Place installed as third director

Recommended Content:

Defense Health Agency | MHS GENESIS | MHS Transformation

VADM Raquel Bono: The end of a brilliant tenure, the beginning of a new chapter

Article
8/30/2019
Vice Admiral Raquel C. Bono

As she completes a 36-year career, Bono looks ahead to “disrupt” health care

Recommended Content:

Defense Health Agency

VADM Bono: Why Our Mission Matters

Video
8/30/2019
VADM Bono: Why Our Mission Matters

Recommended Content:

Defense Health Agency

VADM Bono:Medical Career Development

Video
8/30/2019
VADM Bono:Medical Career Development

Recommended Content:

Defense Health Agency

VADM Bono:Notable Changes to TRICARE Health Plan

Video
8/30/2019
VADM Bono:Notable Changes to TRICARE Health Plan

Recommended Content:

Defense Health Agency

McCaffery sworn in as new ASDHA

Article
8/29/2019
Assistant Secretary of Defense for Health Affairs Thomas McCaffery was formally sworn into office on August 28, 2019

He will oversee the transfer of management of hundreds of military hospitals and clinics from the Army, Navy and Air Force to the Defense Health Agency

Recommended Content:

Office of the Assistant Secretary of Defense for Health Affairs | Assistant Secretary of Defense for Health Affairs | Defense Health Agency | MHS Transformation
<< < 1 2 3 4 5  ... > >> 
Showing results 1 - 15 Page 1 of 9

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing: Download a PDF Reader or learn more about PDFs.