Cybersecurity Awareness Month 2021

Happy October! Every October, in alignment with Cybersecurity Awareness Month, the BU Information Security Team reaches out weekly to communicate a security topic of importance to the BU community in an effort to keep our community protected. Can we count on you to Do your part. #BeCyberSmart? Support us and download a BU Cybersecurity Awareness Zoom Virtual Background here:

BU Zoom Virtual Background 1

BU Zoom Virtual Background 2

BU Zoom Virtual Background 3

Follow us all month long on Twitter

Week 4 October 26th

Security Action to Take This Week: Check out the BU Phish Bowl for the latest emails scams that have been reported by our community. Being vigilant and knowing what is out there will prepare you for when a phish makes its way into your inbox. This website will show you actual (and timely) phishing scams that have made it onto our network so you can identify them and avoid getting hooked!

Resource of the Week: For more information on phishing, including how to spot a phish and related training opportunities, visit our BU Phish Guide.

Save the date and register: This Friday October 29, 2021 from 1pm -2:30pm, the School of Public health, BUMC IT & IS&T will host “Cyber Attacks & the Threat Landscape” led by Doug Domin, FBI Boston. For more information and to register for this Zoom event visit: https://www.bu.edu/tech/support/information-security/csam/events/

Security Heroes: Check out this week’s honorees, students Priyanka Banerjee and Alexander Bulekov, and learn more by visiting the Security Hero website. Have a security hero we should hear about? Email us at buinfosec@bu.edu.

Week 4 Communication: Phishing

Week 3 October 19th

Security Resource & Action to Take This Week: Visit the Terrier Cybersecurity Checkup and run a checkup on your BU account!

The Terrier Cyber Check Up will do the following for you:

• Validate your Duo Devices This will display the device and phone numbers you have registered with Duo Two-factor Authentication at BU. Any old devices associated with your account? You may want to remove them and make sure all your information is up to date.
• Check your BU Password Health This will display the age of your BU password. The longer you keep the same password, the more likely it is to be captured or guessed. Had the same password for a year or more?  It might be a good time to change it!
• Check for Data Breaches This will display anywhere that your BU email address has been known to be associated with a data breach. Has your account been part of a password data leak? You’ll want to update your password ASAP!

Save the date and register: Friday October 29, 2021 from 1pm -2:30pm, the School of Public health, BUMC IT & IS&T will host “Cyber Attacks & the Threat Landscape” led by Doug Domin, FBI Boston. For more information and to register for this Zoom event visit: https://www.bu.edu/tech/support/information-security/csam/events/

Security Hero: Check out this week’s honorees Lauren Kehoe, and learn more about our Security Hero program. Have a security hero we should hear about? Email us to nominate them at buinfosec@bu.edu.

Week 3 Communication: The Terrier Cybersecurity Checkup

Week 2 October 12th

Resource of the Week: Check out Ransomware Guide 2021, a guide for learning more about what ransomware is and how to protect yourself 

Security Action to Take This Week: Security Action to Take This Week Download Crowdstrike End Point Protection to help protect yourself from ransomware. It’s free of charge for all students, faculty, and staff for their personal laptop or desktop computers. Crowdstrike is the next generation of antivirus protection replacing McAfee.

Here are some tips to keep you safe from Ransomware:

• Keep all software up to date, including operating systems and applications.
• Back up your data regularly.
• Don’t open attachments or links from unknown sources.
• Use multifactor authentication (a reminder from last week).
• Report it! Contact the IT Help Center (or your college or department’s local IT support) before taking any action if you find yourself victim to a ransomware scam.

Security Hero: Check out this week’s honorees Billy Hajjar & Heather Gillis, and learn more about our Security Hero program. Have a security hero we should hear about? Email us to nominate them at buinfosec@bu.edu.

Week 2 Communication: Ransomware

Week 1 October 5th

Resource of the Week: Check out Boston University Security 101 a guide for protecting yourself and educating your team on cybersecurity best practices including multifactor authentication.

Security Action to Take This Week: Add multifactor authentication to your online accounts whenever possible.

Here’s instructions on how to add multifactor authentication to the most popular social sites:

• Facebook
• Instagram
• Twitter
• LinkedIn
• Snapchat

Security Hero: Check out this week’s honoree Tasha Coughlin, and learn more about our Security Hero program. Have a security hero we should hear about? Email us to nominate them at buinfosec@bu.edu.

Week 1 Communication: Multifactor Authentication

---

Cybersecurity Awareness Month History

Cybersecurity Awareness Month was launched by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS) in October 2004 as a broad effort to help all Americans stay safer and more secure online.

When Cybersecurity Awareness Month first began, the awareness efforts centered around advice like updating your antivirus software twice a year to mirror similar efforts around changing batteries in smoke alarms during daylight saving time.

Since the combined efforts of NCSA and DHS have been taking place, the month has grown in reach and participation. Operated in many respects as a grassroots campaign, the month’s effort has grown to include the participation of a multitude of industry participants that engage their customers, employees and the general public in awareness, as well college campuses, nonprofits and other groups.

Between 2009 and 2018, the month’s theme was “Our Shared Responsibility.” The theme reflected the role that we all – from large enterprises to individual computer users – have in securing the digital assets in their control.

In 2009, DHS Secretary Janet Napolitano launched Cybersecurity Awareness Month at an event in Washington, D.C., becoming the highest-ranking government official to participate in the month’s activities. In subsequent years, leading administration officials from DHS, the White House and other agencies have regularly participated in events across the United States.

In 2010, the kickoff of Cybersecurity Awareness Month also included the launch of the STOP. THINK. CONNECT. campaign. President Obama’s proclamation for the month includes STOP. THINK. CONNECT. as the national cybersecurity education and awareness message.

Also in 2010, NCSA began moving the launch of the month to sites around the country. The month has been launched in Seattle and Bellevue, WA, Ypsilanti, MI, Omaha, NE, Boston, MA, Nashville, TN, and Washington, D.C.

Starting in 2011, NCSA and DHS developed the concept of weekly themes during the month. This idea was based on feedback from stakeholders that the many aspects of cybersecurity should be better articulated, making it easier for other groups to align with specific themes. Themes have included education, cybercrime, law enforcement, mobility, critical infrastructure and small and medium-sized businesses.

The collaboration of NCSA and DHS on Cybersecurity Awareness Month is one of the many successful public-private partnerships that are so critical to cybersecurity.