Cybersecurity Awareness Month (CAM) is part of a global effort to recognize the importance of security in the digital space every October. CU Boulder is joining the CU System in getting back to security basics, with an emphasis on best practices that we should be doing all year long, for every device - work, school, and personal.
This year we’re providing up-to-date resources, raffles and webinars focused on securing both your CU Boulder and at-home data.
Students: Celebrate CAM with a scavenger hunt
Students are an important part of cybersecurity awareness month on campus! This year, we are offering students the chance to test their ability in a virtual scavenger hunt.
How to participate in the virtual scavenger hunt:
- On the week of October 21, a link will be shared in the student edition of CU Boulder Today.
- Students can click on the link to begin the scavenger hunt.
- The link will lead to a form where students will see important links to websites that will be needed to find clues to the answers for 10 questions.
- Once a student has finished answering all the questions, they can submit their answers to the OIT security team.
The rules are as follows:
- The scavenger hunt will start on October 21, 2024, and students will have until October 25, to complete the 10-question form.
- If students get at least 80% of the questions correct, their name will be placed into a raffle.
- On October 28, the five raffle winners will be contacted via their CU Boulder email address and will be given the opportunity to pick a prize from a number of CU swag options. You must be a currently enrolled student to be a prize winner.
Cybersecurity & Infrastructure Security Agency (CISA) Webinar 10/24
On October 24, CISA will be hosting a webinar for our campus drawing upon their real-world experiences with cyber threats. Come learn more about how ransomware attacks affect a variety of different government and private sectors. The presentation will give examples of what, how, when, and the cost of ransomware attacks CISA has witnessed and helped with in the past year.
To register for this webinar, please visit CU System’s CAM webpage.
Resources and exercises to keep you secure
Every year, Cybersecurity Awareness Month focuses on improving data security and protecting internet users around the world. This year’s topics focus on best practices around passwords, authentication, phishing and keeping systems up to date. Check out the CU resources below to learn more.
Top 10 Actions to Reduce Risk
Did you know that the CU System Office has a webpage with guidance to help you prevent and protect against security incidents? Check out their Top 10 Actions to Reduce Risk webpage. The webpage provides the 10 actions you can take to reduce your IT security risk with detailed steps to ensure you are being proactive in your IT security journey.
Up Your Password Game with a Password Manager
Strong passwords are critical to protecting data. They are long, random, unique and include all four character types (uppercase, lowercase, numbers, and symbols). Password managers are a powerful tool to help you create long, random and unique passwords for each of your accounts. Plus, they make storing passwords and user IDs easy, and logging in a breeze. Visit OIT's Password Managers page to learn more.
Turn On Multi-Factor Authentication (MFA)
You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked. Enable multi-factor authentication on all your online accounts that offer it, especially email, social media, and financial accounts. And use authentication apps or hardware tokens for added security.
For personal use, we recommend making sure that email services and important accounts, like the ones you use for banking and finance, have MFA enabled.
Check out these MFA resources
Recognize & report phishing
Phishing emails, texts and calls are the number one way that data gets compromised; this is backed by years of data breach research. Be cautious of unsolicited emails, texts or calls asking for personal information. Avoid sharing sensitive information or credentials over the phone or email, unless necessary, and don’t click on links or open attachments sent from unknown sources. Verify the authenticity of requests by contacting the individual or organization through a trusted channel; not by responding to the sender.
If you're not responding to phishing, you’ve already protected yourself, but you can help protect others by reporting phishing attempts! If you receive a phishing email at your university account, follow OIT's instructions for reporting phishing emails so that OIT Security can block it for others and protect your fellow faculty, staff and students.
If you receive phishing to another account, there may be built-in features you can leverage or you can forward the message to the impersonated company’s phishing mailbox; usually phishing@examplecompany.com.
How to report phishing to:
Update Software
Ensuring your software is up-to-date is the best way to make sure your devices are protected from the latest threats. Regularly check for updates if automatic updates are not available and keep operating systems, antivirus software, web browsers and applications up-to-date.
University-provided systems for your work as faculty or staff frequently have software installed to help make sure you patch early and often, in accordance with our Secure Computing Standard for Computers. For personal devices, we’ve included some links below to help:
IT security and campus security resources
Looking for more information? Here are some CU Boulder resources to keep you safe year-round:
- OIT Security – the team helping keep CU Boulder’s online spaces secure.
- Got a question for OIT Security? Email security@colorado.edu to get started.
