An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Home : News : News
NEWS | Oct. 19, 2023

Navy shares best cybersecurity practices

Office of the Deputy Chief of Naval Operations for Information Warfare

As part of National Cybersecurity Awareness Month, the Navy is sharing best practices for working remotely or off-duty to ensure Sailor's and staff's online behavior reflects the highest standards of character and conduct.

“Cybersecurity is a Navy priority and commander’s business,” said Scott St. Pierre, Director of the Navy’s Enterprise Networks and Cybersecurity Division. “We are in a cyber-fight all day every day, on the job and at home. The threats are both nation-states and cybercriminals. Therefore, we must be prepared.” 

Cybercriminals often rely on operator mistakes to gain access to systems: 95 percent of all cybersecurity breaches are due to human error. 

Here are some best practices to keep in mind while at your desk: 

  • Every member of the Navy team shares responsibility to protect the Navy’s systems and information. Every time you check your e-mail, access a shared drive or log onto a network, you are a cyber-warrior, and cybersecurity is your responsibility. 
  • Verify links and files before clicking or downloading; both are common attack vectors for nation-states, criminals, and insider threats.  
  • When clicking on hyperlinks in emails, hover over the link to verify authenticity. Also, ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect user information. 
  • Always check the “To” and “Cc” lines to ensure information is being sent to those with a need to know. 
  • Make passwords complex and change them frequently. Strong passwords include one uppercase letter, one lowercase letter, at least one number and 11 or more characters. Never write passwords down. 
  • Keep your computer healthy.  This includes reading User Awareness Bulletins and acting as necessary to install software updates and apply security patches when prompted.  
  • Keep your Common Access Card (CAC) in your possession at all times. Your CAC serves as part one of two-factor authentication; it is something you have.  Your PIN, something only you know, serves as part two. A bad actor in possession of even one part of two-factor authentication increases the likelihood of them gaining access. 
  • Report phishing or suspicious activity.  According to the National Cybersecurity Alliance, only 22 percent of email recipients report phishing.  Use your Information Systems Security Manager and cybersecurity professionals for support. 

Since 2004, the President of the United States and Congress have declared October Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more common. Celebrating its twentieth year, the campaign has grown globally since its inception, reaching consumers, small and medium-sized businesses, corporations, and families in over 75 countries and territories.  

For more information on the Navy’s Cybersecurity Awareness Campaign, visit and search “Cybersecurity Awareness Month.”