In a joint effort with the Office of Management and Enterprise Services (OMES), Gov. J. Kevin Stitt has declared October 2025 as Cybersecurity Awareness Month for the State of Oklahoma.
For the third consecutive year, the governor’s proclamation highlights the critical importance of online safety. It serves as a reminder that protecting personal data and securing the state’s digital infrastructure is a shared responsibility, especially at a time when bad actors are using artificial intelligence to advance threat tactics.
“We’ve made significant strides in improving our cybersecurity posture through enhanced monitoring, training programs, incident response plans and updated security protocols,” said State Chief Information Officer Dan Cronin. “However, it is important to recognize that cybersecurity is an ongoing journey that requires constant adaptation to emerging threats.”
OMES Oklahoma Cyber Command, the state’s central cybersecurity team, works around the clock to protect state data and applications from tens of billions of threats annually, including phishing attempts, Business Email Compromise (BEC), and email-borne viruses and malware.
The team’s efforts are amplified by its partnership with the Oklahoma Information Sharing and Analysis Center (OK-ISAC), a no-cost membership program overseen by OMES that fosters collaboration between the public and private sectors to share vital information and best practices to improve cyber resilience at the local, regional and national levels.
This partnership approach aligns with the 2025 Cybersecurity Month Awareness theme, Building a Cyber Strong America, administered by the federal Cybersecurity and Infrastructure Security Agency (CISA). The campaign “calls on everyone – state, local, tribal and territorial (SLTT) governments, small and medium businesses, and entities involved in our supply chains – to take cybersecurity into their own hands to secure the Homeland in a world of constantly-evolving threats.”
“Cybersecurity isn’t a task for the government alone; it’s a community effort,” CIO Cronin said. “By spreading awareness of risks and best practices, we can ensure a safer digital environment for ourselves, our families and our entire state.”
Oklahoma is also championing the Secure Our World campaign, a national initiative CISA launched in 2023. This campaign encourages individuals and organizations to make cybersecurity a daily habit by focusing on four fundamental actions:
- Recognize and report phishing: Be vigilant against suspicious emails and use tools like the Phish Alert Report button in Outlook to report potential scams.
- Use strong passwords and a password manager: Utilize a password manager like Secret Server, the state’s recommended tool, to generate and store robust passwords.
- Turn on multifactor authentication: Add an extra layer of security by enabling MFA on both personal and work-related accounts.
- Update software: Keep all devices and applications up to date to protect against vulnerabilities.
To further this mission, Oklahoma businesses, government agencies, and organizations are invited to become Oklahoma Champions by pledging to promote good cybersecurity habits within their communities. Champion organizations will be featured on the OK-ISAC website for their dedication to keeping Oklahoma cyber secure. Organizations seeking more information on how to participate in Cybersecurity Awareness Month can email the OK-ISAC at okisac@omes.ok.gov.
Individuals can find additional resources to enhance their cyber safety at home and at work by visiting cisa.gov/secure-our-world, which provides toolkits and guidance for securing individuals, families and businesses.
To report a cyber incident or suspicious activity, state employees can submit a ticket through the OMES Service Desk. Non-state employees should report incidents to the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) and the Federal Trade Commission.
