Kristi Noem, DHS Secretary | official facebook
The Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have announced the start of Cybersecurity Awareness Month 2025. The campaign, led by CISA, aims to provide government agencies and private sector organizations with resources to protect essential services such as water, power, communications, food, and finance.
This year’s theme is "Building a Cyber Strong America." The campaign encourages all levels of government—including state, local, tribal, and territorial entities—as well as businesses of all sizes and supply chain partners to take responsibility for cybersecurity.
“Cybersecurity is a critical theater in defending our homeland,” said Homeland Security Secretary Kristi Noem. “Every day, bad actors are trying to steal information, sabotage critical infrastructure, and use cyberspace to exploit American citizens. Taking down these threats requires a strong private-public partnership, and the reforms we’ve implemented at CISA have empowered them to work with all of our partners to take down these threats and make America cyber secure again. This Cybersecurity Awareness Month is the time for us to continue our efforts to build a cyber strong America.”
CISA emphasized the importance of ongoing vigilance against cyber threats. Acting CISA Director Madhu Gottumukkala stated: “Critical infrastructure – whether in the hands of state and local entities, private businesses, or supply chain partners – is the backbone of our daily lives. Whenever it’s disrupted, the effects ripple through communities across America. That’s why this year CISA is prioritizing the security and resilience of small and medium businesses, and state, local, tribal, and territorial government (SLTT) that facilitate the systems and services sustain us every day. This includes things like clean water, secure transportation, quality healthcare, secure financial transactions, rapid communications, and more. Together, we must make resilience routine so America stays safe, strong, and secure.”
The campaign outlines several best practices for individuals and organizations:
- Recognize and report phishing attempts.
- Use long and unique passwords.
- Enable multifactor authentication.
- Keep software updated.
Additional recommendations include enabling system logging to detect suspicious activity; backing up data for quicker recovery after incidents; and encrypting sensitive information.
DHS and CISA encourage participation from every sector during October's awareness month activities. More information can be found at https://www.cisa.gov/cybersecurity-awareness-month.