October is National Cybersecurity Awareness Month!
Recent high-profile cybersecurity incidents like breaches at the US Office of Personnel Management, Sony Entertainment, and UCLA Health remind us of the ever-present security risks we all face. A clip of the Norse Attack Map shown above illustrates the millions of ongoing real-time cyberattacks happening around the world. Since October is National Cybersecurity Awareness Month, now is a great time to review your current practices and implement simple steps to reduce your personal exposure and that of the University. A good first step is to watch the Cyber Security Awareness videos that cover various topics, including how to keep a clean machine, and connect with care. We also have a few announcements.
We launched a new UCSB Information Security website to concentrate resources from across campus and the Internet for your quick reference. The site includes news, information for faculty/staff, tips on social media and security, forms for reporting security incidents, and a multitude of articles, blogs and website links. This site will be updated weekly, so take a look around and come back often. Virtually all successful cyberattacks use legitimate user credentials. The most common way criminals access these credentials is through phishing, where users indiscriminately click email links and provide their usernames and passwords. Check the new UCSB Information Security website for more information on phishing.
Also keep in mind that good security practice requires unique and complex passwords for each of your accounts. This can result in dozens of passwords that are hard to keep track of securely. Password management tools can help. UCSB has arranged a volume license for a password management tool: Password Wallet from Selznick Scientific Software, LLC. Password Wallet allows you to manage your passwords and store them securely. It includes features to make it easy to use including auto-type and synchronization between multiple devices. If you would like this application installed on your computer you can submit an isDesk ticket and a technician will help you with the process.
The University of California is launching a system-wide initiative requiring all UC faculty and staff to complete cybersecurity awareness training annually. We will roll out a new online course soon. It is built around short, fast-paced videos designed to teach and reinforce cybersecurity skills. Lastly, remember that cybersecurity precautions at home are as important as they are at work. Accept system updates when they are offered. Run antivirus software. If you have children, teach them to be safe online. You will find many helpful pointers on the information security website.
You hold the key to securing yourself and our campus community. Please use it wisely.
By Kip Bates & Sam Horowitz