Cybersecurity Awareness Month and Engaging Your Campus Community

National Cybersecurity Awareness Month (NCSAM) is observed in October to bring awareness around the existential cybersecurity threats that face us every day, to provide resources to stay safe while online and increase our resilience as a nation against cyber crimes and threats.

NCSAM was developed by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS) in 2004 with the mission to help Americans stay safer and more secure online.

NCSAM’s theme this month is “OWN IT. SECURE IT. PROTECT IT.,” which will help encourage Americans to better understand their own technology, how to keep it secure, and continuously monitoring your “digital profile” to help protect yourself.

Best Practices for Higher Education Institutions

Cyber Crime and Its Increasing Costs

Cybercrime, defined, is the criminal activity (such as fraud or theft) committed using a computer especially to illegally access, transmit, or manipulate data. And, as the rates of cybercrime increase so does the overall cost - $600 billion.

Let’s break down the numbers

  • 86% of education industry experienced DNS attack in the past year.
  • Since 2005, there have been over 540 higher education security breaches.
  • Spam and phishing emails are responsible for 66 percent of ransomware infections.
  • In 2017, 48 percent of organizations were affected by ransomware.

Often times, organizations don’t even know they have been attacked until it is too late. In fact, several institutions have had to pay thousands of dollars to hackers to retrieve financial information and highly personal identifiable data.

According to IBM, the average cost per data record from a higher education institution is around $200 – doubling-down on the fact that if a campus neglects investing in a comprehensive cybersecurity strategy, it may end up paying large amounts to restore campus usability.

Cybersecurity Threats and How to Protect Your Campus

Phishing – Phishing is the practice of using deceptive email messaging and websites to trick users into giving up confidential information. Phishing is all about tricking users with information readily found online, often looking like they’re from an organization that you trust, such as your place of employment or subscription-based entertainment.

How to Stay Safe?

  • Closely inspect the sender’s information as well as the email itself.
  • What’s the required action? Is it something “urgent?” (Try logging into your account separately to see if anything is required within the platform)
  • Don’t click on links or buttons in suspicious emails, even if they look like they may be coming a colleague.
  • Consider setting up multi-factor authentication within your online accounts.

 

Malware – Malware is a variety of software that’s created to act maliciously and destroy or access a computer’s information without the knowledge of the user. Malware is designed to infiltrate and damage computers without any user consent. Malware can be provided access to your computer through phishing attempts, filesharing, removable media, etc.

How to Stay Safe?

  • Be cautious providing anyone or any program access to your devices.
  • Keep your devices up to date, for the most part software updates contain security updates to protect your devices from malware.

 

Unsecured Devices – Students and employees connecting a multitude of devices to the campus network that may be unsecure and unsafe – making the campus network vulnerable. It’s increasingly popular for campus members to have more than one or two devices that are connected to your institution’s network. With a multitude of devices on campus and connected to your network, ensuring they’re all secure can be complex work.

How to Stay Safe?

  • Implement security policies across campuses in regard to your network and ensure students are using the latest practices to keep their devices secure.
  • Implement cybersecurity training across campus for all members, so that users can better understand the existential threats, how to identify cyberthreats, and what to do if they have been hacked.
  • Encourage users to register any and all devices connected to your campus network, so members can be accountable for their devices.
Cybersecurity Threats for Higher Education

Cloud Security – Data stored in the cloud is easily susceptible to breaches as it’s stored on third-party servers that may not be completely secure. Virtual data storage, or cloud services, came about to make everyone’s life easier. It’s very accessible, affordable, and secure. It’s not without its limitations though and organizations can find themselves in difficult positions, if their data ends up being compromised.

How to Stay Safe?

  • Periodically back-up your data stored on the cloud to a physical device.
  • Avoid keeping personal data on the cloud, specifically employee and student records.
  • Encrypt all data stored virtually. Even if someone receives access to your files, they won’t be able to access the data without the passkey. (Some cloud services offer this feature).

 

Identity and Access Management – The management of user login information or the lack thereof and individual user access to critical information within a system or organization. Many campuses utilize single sign-on, which provides employees and students to utilize only one set of login credentials. It also allows institutions to better control access to certain programs, or the level of access.

How to Stay Safe?

OWN IT. SECURE IT. PROTECT IT.

dhs_ncsam2019_logob

If you’re looking for different ways to engage campus members about cybersecurity awareness, make sure to review 2019 Toolkit from CISA and NCSA.

The toolkit provides a variety of digital resources and strategies for organizations and individuals to help drive conversations around cybersecurity.

 

OWN IT. – Understand your digital profile.

On average, most individuals own around 2-3 connected devices. As connected devices increase, it’s critical that individuals better understand the devices they are using to make sure they are keeping themselves and their information safe.

SECURE IT. – Secure your digital profile.

Cybercriminals are becoming more sophisticated with their techniques, so individuals should better understand their devices security features and learn how to apply additional security layers.

PROTECT IT. – Maintain your digital profile.

All of us have digital profiles. Any time you click, send, and/or post information – it creates a digital trail, which cybercriminals can try to exploit. It’s crucial that you understand, secure, and maintain your digital profile. Remember to regularly check your privacy settings.

Most of all, take this time to review current cybersecurity strategies and protocols implemented at your institution. These threats will only continue to increase and become even more dangerous, so it's critical to inform all campus members of the role they can play to help protect your digital framework.

training_laptop_edtech_award

Preview Our Cybersecurity Programs

Our evidence-based and effective cybersecurity and information technology courses are available for faculty, staff and students to encourage better strategies for personal safety while online. Our library includes a variety of courses written by higher education experts.

MAKE YOUR CAMPUS EVEN SAFER