Cybersecurity is everyone’s responsibility – even our volunteers

One of the great things about the Scouting organization is that we have adult volunteers that can bring their professional backgrounds to this organization and we can benefit from their knowledge and expertise –free of charge–. In our troop, and our partner pack (Pack 183), we are fortunate enough to have three adult volunteers that work in the cyber infrastructure space and two youth that are junior webmasters.

A recent cybersecurity incident occurred which brings cybersecurity to the front of everyone’s mind. Although the incident started as a minor spamming incident involving a personal email account, it was about to turn into something more serious if it wasn’t for the watchful eye of the account owner and volunteer leaders taking quick action. I don’t mention this to shame the victim (we are great friends and who has a heart of gold)… heck I’ve been a victim before too! I mention it as a reminder that attackers, wrongdoers, malicious individuals, and organized cybercriminals don’t care who their victims are, they are just looking for the next victim and we have to do our best to make sure that our personal data and our volunteer data is secured.

Scouts BSA does a good job in requiring cyber awareness training to our scouts through various means such as NetSmartz. But we don’t want to do just a good job, we want to do a great job. Our troop leaders have spent hundreds (yes hundreds) of hours ensuring that our data systems are secured to the maximum extent possible but we still need your help. That’s why our troop and pack leaders have included on our website links to two cyber awareness organizations at the very bottom of each of our webpages and why we are putting out this blog post with tips that you can take right now to make yourself more cyber secure.

  1. Protect your data – don’t expect anyone to do it for you. Not sure how to get started? Check out the tips below or reach out to any of us in person or via email using our webmaster DL.
  2. Do not blindly trust email attachments, even if they come from a trusted source. Always check with the sender through a secondary means (phone call, text message, in person) and ask if they intended to send you an attachment.
  3. Don’t feed the phish! Never, ever respond to email requests to make a purchase on someone else’s behalf or provide sensitive information over email. Always follow up with the sender through a secondary means to confirm that the request is real.
  4. Don’t open those phishing text messages on your phone. Trust me, your bank/PayPal/eBay/TikTok has NOT suspended your account and is telling you via text message to follow up by clicking a link. Just a little unsure? Go to the official website of the service provider you use and give them a call or chat.
  5. Use strong passwords and use a unique password on each service you use. Don’t use the same password across multiple services. You’re sitting on a disaster waiting to happen.
  6. Enable multi-factor authentication on all of your accounts. You know, that 30 second code that you are asked for when you sign in to services like your bank? Turn that on for your social media, your email, and everything else that supports it.
  7. Lock your phone and your computer! How many of us use email, shop, or check our bank accounts on our phones? How many of us have email conversations that include our scout youth’s full name? Maybe their home address? Maybe (hopefully not) banking data? Medical data? (That’s a BSA policy no-no). A phone and computer without a password is a bank vault with the door wide open.
  8. Last, and certainly not least, talk to you kids, your scouts, and your fellow scouters. Cybersecurity is everyone’s responsibility – even our volunteers!

~John B. is the volunteer adult webmaster and Outdoor Activities Coordinator for BSA Troop 3 and Troop 1003. In his professional role, he is a cybersecurity and cybercrimes investigator.

~Jerry R. and Jameel M. are the volunteer adult webmasters for Pack 183. In their professional roles, Jerry is a cloud systems engineer and Jameel has a background in web design.