2023
"Secure Our World: The Vital Role of Passwords, MFA, and Software Updates"
In a world driven by digital connectivity and technology, the theme "Secure Our World" resonates more than ever. As the next generation of innovators, leaders, and professionals, it's crucial to understand the importance of secure passwords, Multi-Factor Authentication (MFA), and software updates in safeguarding our digital lives and contributing to a more secure global environment.
- Passwords: The First Line of Defense
Passwords serve as the initial barrier between your digital assets and potential threats. Here's why they are essential:
- Protection of Personal Information: Your passwords are the keys to your online identity. They guard your email accounts, social media profiles, and academic records. Compromised passwords can lead to identity theft and privacy violations.
- Prevention of Unauthorized Access: Using strong and unique passwords for each account reduces the risk of unauthorized access. It ensures that even if one account is breached, the others remain secure.
- Defense Against Cyberattacks: Passwords are your frontline defense against common cyberattacks like phishing and brute force attacks. Choosing complex passwords with a mix of characters makes it harder for attackers to guess them.
- Multi-Factor Authentication (MFA): The Extra Layer of Security
MFA takes your online security to the next level by requiring multiple forms of verification:
- Enhanced Protection: MFA adds an extra layer of security by requesting a second form of verification, often something you have (like a smartphone) or something you are (biometrics). Even if someone knows your password, they can't access your accounts without the additional factor.
- Guarding Against Phishing: Phishing attacks trick users into revealing their passwords. MFA helps thwart these attacks because even if you fall victim to phishing, the attacker won't have the secondary verification factor.
- Safety for Sensitive Data: You often handle sensitive data, including academic records and financial information. MFA ensures this data remains secure from prying eyes.
- Software Updates: Patching the Holes
Regularly updating your software is essential for maintaining a secure digital environment:
- Security Patching: Software updates often include crucial security patches that fix vulnerabilities. Ignoring updates can leave your devices and systems susceptible to exploitation.
- Optimal Performance: Updates not only enhance security but also improve the performance and stability of your devices and applications. They ensure that your technology works efficiently when you need it most.
- Compatibility: You'll encounter various software tools. Keeping them up to date ensures compatibility with your work or studies, preventing frustrating software issues.
In conclusion, you play a vital role in shaping the future. Embracing secure passwords, Multi-Factor Authentication (MFA), and regular software updates isn't just about personal convenience, it's about contributing to a safer, more secure digital landscape. By practicing these cybersecurity measures, you're not only protecting your own digital assets but also helping to "Secure Our World" for generations to come. Be proactive, stay informed, and take action to ensure a safer digital future for all. For more tips and tricks follow us here @JWUITSecurity
2022
2022 Cybersecurity Awareness Month
October is Cybersecurity Awareness Month, a national effort to help everyone stay safe and protected when using technology whenever and however you connect. This year’s theme, “See Yourself in Cyber,” emphasizes that as everyday technology users, we have a key role to play in cybersecurity threat prevention, detection, and remediation. As a National Cybersecurity Alliance (NCSA) champion, JWU is launching a month-long program to create awareness about cybersecurity. The weekly themes for this year includes the following:
Week 1: Recognize phishing, which is still among the primary threats from cybercriminals.
Week 2: Identity Theft & Internet Scams.
Week 3: Working from Home.
Week 4: Know the classification and sensitivity of the JWU information you manage and how to keep it safe.
Recognize phishing, which is still among the primary threats from cybercriminals (Oct 1st - Oct 8th -2022)
It’s that time of the year again, where every week, we “dive” into the waters of relevant cybersecurity topics to help you become more aware and safer with everyday technology use. Speaking of waters, make sure to stay away from being phished!
Phishing happens when a threat actor impersonates a trusted source and sends fraudulent emails to reveal confidential information. The target, you, would be prompted to click a link or download a file. Why should you care about phishing? It is the most successful, common cyber-attack and it is crucial for your organization that users pay attention to detail.
How to you defeat phishing?
- Never click on embedded hyperlinks
- Report the phishing to phishing@jwu.edu
- Ensure URLs begin with https
- Verify the email belongs to a trusted source.
Below are sources to help inform, interact, and engage you with recognizing phishing as a primary threat.
Helpful tips/resources:
IdentityTheft (Oct 8st - Oct 15th -2022)
Quick, I need your information now! You were just picked to win a $1,000 gift card. Hurry before it’s too late! Just submit your credit card information below and you can expect your gift card within 48 hours. Stop, doesn’t it sound too good to be true? Last week, we talked about Phishing, which is a major Internet Scam. Internet Scams are schemes used for financial gain. While you think you won, you’ll lose that same amount from a simple input of your Personal Identifiable Information. Once that information is stolen, Identity Fraud can take place. Never offer information to unprompted sources. Sold something online where someone gave you a check over the price asked and they wish for a refund? Might be a case for a counterfeit check. Be cautious and See Yourself In Cyber by implementing the best security practices!
Helpful Resources:
- Identity Theft Video
- Avoid Online Scams (Interactive)
- Online Scams Article
Work from Home (Oct 17 - Oct 22 2022)
Working from home feels like a vacation, doesn’t it? Grab a beverage, sit in an isolated area, grab a device, and just work. You can go to your kitchen, grab a snack or meal, bring it back, blast music, and continue your work before a meeting. While it may seem great, it’s possible your physical security and cyber security is not up to standard. Here are a few things that you can do to ensure the security of your data at home too.
* After a day of work, secure your work device and the working environment.
* Store Confidential workplace information in a secure place, never share workplace information with third parties, and make sure no work-related device is used by other personnel.
Additionally, a home router’s password should be changed to a unique password rather than a default use case. As a user of many IoT devices, keep such devices up-to-date, whether it be for the operating system or software. Lastly, for strong suggestions, users should use two-factor authentication along with using anti-virus software for access control and having a secure device. Keep security a priority by #SeeYourselfInCyber.
Helpful resources:
Know the classification and sensitivity of the JWU information you manage and how to keep it safe.(Oct 24 - Oct 28 2022)
Organizations face a reoccurring issue, their users. Users hold sensitive, key information that is shared across the network on a daily basis. Sometimes these users, especially professors, will unfortunately be compromised because of unintentional actions. These actions can range from visiting a malicious website, clicking on a suspicious attachment, downloading software from an untrusted/unauthorized source, or not abiding by certain organizations policies that may lead to being compromised. As a JWU member, please refrain from accessing the JWU Network without running anti-virus software on your devices. Additionally, while you may wish to keep your personal information safe, practice the same cyber security steps in order to make the JWU Network safe as if it’s your own home. We, as a university, have a wider net of devices to cover when connected to a network, play your part and be cyber smart. #SeeYourselfInCyber.
Helpful Resources:
2021
Be Cyber Smart (Oct 1st - Oct 8th -2021)
At a time when we are more connected than ever, being “cyber smart” is of the utmost importance. This year has already seen more than a fair share of attacks and breaches, including the SolarWinds and Kaseya breaches, as well as high-profile attacks on the Colonial Pipeline and other critical infrastructure. JWU is working hard towards preventing any cybersecurity attacks, but there are also measures you can take to help eliminate the possibility of a cyber-attack. Whether you are connecting from home or on campus, constant exposure and awareness to new attack techniques will help minimize the threat against cybersecurity attacks. Knowing what to look for and what to avoid is critical in the fight against cybersecurity scams.
Useful Resources
- 2021 Social Engineering Red Flags
- Own-Your-Role Poster
- Password Security Training
- Frauds & Scams Targeting College Students
Fight the Phish (Oct 9th - Oct 15th 2021)
Phishing attacks account for more than 80% of reported security incidents. This statistic highlights the importance of being careful around emails and texts from unexpected people. Furthermore, more than 90% of phishing attacks are carried out via email, a known method of phishing attacks. A common identifying factor in these emails is the urgency of the subject line combined with grammatical errors. Phishing attack methods ranges from smishing (SMS / text messages) to vishing (voice) and phishing based on social media platforms. Phishing is not only a social engineering method to obtain confidential information, but also a method to deliver malicious software to your device.
Useful Resources
CyberCareers & What next ?
As we near the end of National Cybersecurity Awareness month, We answer the two most Frequently Asked questions.
How can one join this field and contribute their bit to the cyber world? Cybersecurity Career Awareness is set to inspire, promote, and explore new opportunities within the Cybersecurity field. The base of cyber studies revolves around the concept of aiming to protect the confidentiality, integrity, or availability of systems and data. Students are taught how to protect operating systems within devices, protect sensitive data, and protect networks. As attacks become more sophisticated with the growth of technology, the demand for Cybersecurity professionals arises. One can notice, Cybersecurity careers can be for everyone.
What next after NCSAM ends? National Cybersecurity Awareness Month is coming to an end, but that doesn’t mean we can stop implementing the best security practices for all devices & networks, fighting the phish, or exploring new careers within the Cybersecurity field. “Cybersecurity First”, for security is a priority. As an organization, we need to be vigilant about providing security awareness training for oncoming employees and issuing the necessary tools to promote safety. End users focusing on day-to-day internet activity, research should take place before purchasing a product or using a service involving Personally Identifiable Information (PII), either online or in person. For all, passwords must be updated continuously and never re-used in other applications. Do remember: "Cybersecurity is much more than an IT topic because you are an essential ingredient in our ongoing effort to reduce Security Risk”.
Useful Resources