WashU’s multi-factor authentication provider is Duo, an industry leader in cybersecurity services. You can improve the strength of multi-factor authentication by opting for multi-factor authentication exclusively via an app. Here is a link that helps you set this up for WashU MFA Where can I change my device’s default authentication method? (duo.com). Did You Log […]
Category: Cybersecurity Awareness Month
Revised and Updated Policies 2022
The Washington University in St. Louis Office of Information Security (OIS) supports education, research, and clinical care by protecting systems and data for everyone at our institution. Information security is essential to every member of our community, and we all share personal responsibility for ensuring the security of our systems. We continuously improve our systems […]
The Anatomy of a Data Breach: What to do When You Spot One
The term “data breach” has dominated the tech world the last 24 months. From breaches that have impacted critical infrastructure like the Colonial Pipeline to hackers compromising healthcare records at UC San Diego Health, headlines of cybersecurity mishaps saturated news in the last two years. Yet, despite the prevalence of the breach-centric news cycle, many […]
Cybersecurity Awareness Month: Updates
You can control when your WashU computer updates using the Updates section in Software Center. Most updates require your computer to restart, so please save all work beforehand. You can configure automatic updates to run outside of your business hours using these steps: Navigate to Software Center. Select Options. Work Information section: Enter your Business Hours. […]
Cybersecurity Awareness Month: Ransomware
Ransomware is malicious software that renders data and systems unusable until the targeted individual or organization pays a ransom. Find out more at Ransomware | Office of Information Security | Washington University in St. Louis (wustl.edu). Cybersecurity Awareness Month Test Your Knowledge Competition We invite you to show us what you know by entering our […]
4 Easy Steps for Staying Secure in 2022
Cybersecurity has become one of the biggest hot topics both inside and outside of technology circles over the last two years. From securing learning devices due to a rise in digital learning during the COVID-19 pandemic, to coping with the fallout of high-profile breaches of national infrastructure such as the Colonial Pipeline, there is a […]
Cybersecurity Awareness Month: Passwords
For tips on how to strengthen your passwords, visit How can I make my password secure? – Information Technology (wustl.edu). If you see fit to change your WUSTL key password, you can read the guide at How do I Change my WUSTL Key Password – Information Technology. Cybersecurity Awareness Month Test Your Knowledge Competition We […]
Cybersecurity Awareness Month: Phishing
When you receive a suspicious email, please report it using the Phish Alert Button (PAB) from your Outlook account. Cybersecurity Awareness Month Test Your Knowledge Competition We invite you to show us what you know by entering our Test Your Knowledge: Cybersecurity Awareness Month edition. Complete this activity to test what you know and receive an entry […]
Cybersecurity In The Home: 3 Steps Households Can Take
The COVID-19 pandemic forced millions of Americans to embrace working from their own home – a concept most had limited or no experience with at the time. And while many employees have returned to the office, a recent University of Chicago study found that 72% of those surveyed would like to continue working from home […]
Phish Alert Button Video Guide
Phishing is the most common tool used by cybercriminals to steal login credentials, personal information, data, and intellectual property. If you receive a “phishy” email (i.e., an email that demands unexpected quick action, comes from an unknown sender, asks you to supply login credentials or other personal information, etc.), please protect yourself and others at […]
October is Cybersecurity Awareness Month
Cybersecurity Awareness Month in October is a global effort to help everyone stay protected whenever and however they connect. The theme for the month is “It’s easy to stay safe online,” and The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help […]
Win Up To $1,000 in Our Cybersecurity Awareness Month Test Your Knowledge Competition
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in our efforts. For this year’s Cybersecurity Awareness Month, we broadened the range of topics covered by our knowledge test, and we increased our prize amounts accordingly. We hope that taking this quiz and playing the […]
Last Chance for Prizes and Cybersecurity Awareness Month 2021 Recap
Cybersecurity Awareness Month 2021 is in the rearview mirror! This year, we set out on the Road to Cybersecurity together. We hosted several events, sent out weekly security tips, and published a great newsletter full of original content authored by WashU’s information security staff. Competitions Our Cybersecurity Awareness Month competitions are always popular. In 2020, […]
Keeping Information Security Simple – Backup, Backup, Backup
Letter from the CISO, Vol 1 Issue 5 Washington University Community: Many years ago, a respected colleague told me that for her, the ultimate security was knowing that she could get her data back if something bad happened. This was a bit of a shock to me, as I was young and inexperienced enough to […]
Know the Rules of the Road
We’re on the last leg of our road trip, but our cybersecurity adventure is far from over. The WashU Office of Information Security will always be your trusty navigator and loyal travel companion on the Road to Cybersecurity. We’ll help you steer through the twists and turns of the road ahead and give you a […]
Test Your Knowledge Competition
To wrap up another successful Cybersecurity Awareness Month, we invite you to show us what you know by entering our Test Your Knowledge Competition. Complete this activity to test what you know and receive an entry for one of several Bear Bucks awards. Prizes Grand Prize: $500 BearBucks credit. Additonal Prizes: $250 BearBucks credits. Don’t […]
Enter Our Student Prize Competition
On October 20th, CISO Chris Shull and WashU Computer Science Major Skylar Fong cooperated to run a webinar discussing Careers in Cybersecurity. Dozens of students participated in the evening event. Chris Shull offered valuable insights about the interdisciplinary nature of cybersecurity and the qualities that he looks for in a prospective new hire. Skylar shared […]
Scam of the Month: DocuSign Phishing
Attackers continuously adjust their tactics to circumvent our defensive strategies, using new methods to access our systems, data, and personal information. Even as attackers develop new scams, one element seems to carry on—impersonation. Our office frequently publishes about impersonation because it forms the basis of most phishing attempts. Often, attackers impersonate a high-ranking employee in […]
Meet Your InfoSec Team: Betsy Ball, Information Security Architect
Betsy Ball is a highly experienced IT professional with more than 30 years of experience, including work in user support as well as server, network, and firewall administration. In her role at WashU, she serves as an Information Security Architect, working with the Risk Assessment team on IT infrastructure assessment and supporting the Cybersecurity Maturity […]
Verify and Report
This week, read about how the employees of FireEye and SolarWinds responded to a hack and where a timely verification would have changed the outcome. The SolarWinds hack was first spotted by someone at FireEye, a cybersecurity company. A staff member noticed that an employee signed in using their username and password but a new […]
Student Prize Competition 2021
Thank you for your interest in our student prize competition! Use the Phish Alert Button (PAB) to report phishing attempts for your chance to win! To participate, register here by November 3rd: https://wustl.az1.qualtrics.com/jfe/form/SV_7418aAb5ROape6i Additional Resources from Webinar Slide deck Event Recording Using the Phish Alert Button About the KnowBe4 Program
The Race Against Ransomware
Ransomware is a specific category of malware that causes harm to the computer and the computer system. The U.S. Cybersecurity and Infrastructure Security Agency defines ransomware as “an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable.” The threat actors (hackers) behind […]
Cyberattacks are speeding up
Organizations have been a driving force behind cybersecurity awareness and training. It’s more important than ever to be up to date with cybersecurity knowledge so that attacks don’t happen on your watch. In these special edition Cybersecurity Awareness Month articles, you’ll read about damaging attacks that happened in 2021 — and how employee actions changed […]
Keeping Information Security Simple – Physical Security Comes First
Letter from the CISO, Vol 1 Issue 4 Washington University Community: Physical safety is a fundamental need of all animals, humans, computer systems, and devices. Last month I encouraged everyone to adopt a healthy dose of skepticism and paranoia regarding email, text, and social media messages to avoid becoming victims of social engineering attacks. This […]
Cybercrime and Human Intelligence
To defend ourselves against cybercrime, we cannot rely on technology alone. Cybercriminals constantly try different attack strategies, attempting to confuse, surprise, and manipulate their targets. Phishing emails are the most common attack strategy, and these messages are subject to the limitless creativity of their criminal authors. As a result, even state-of-the-art technology cannot perfectly detect […]
October is Cybersecurity Awareness Month
Cybersecurity Awareness Month is here! Cybersecurity Awareness Month is a global effort to help everyone stay protected whenever and however they connect. The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help every member of our community gain the knowledge and tools […]
SHRED-IT: Electronic Waste & Paper Shredding Drives
On Tuesday, October 19 and Tuesday, October 26, Operations & Facilities Management Department, the Office of Sustainability, WashU Office of Information Security, and BJC Information Security are teaming up to bring the WashU community e-waste recycling and confidential paper shredding services. All are welcome to bring accepted items to the collection drive. All confidential papers and hard drives […]
Scam of the Month—September 2021
Zero-Click Security Threat Earlier this month, the Office of Information Security published an alert about “zero-click” spyware. Typical cyberattacks require the target to interact in some way with malicious content by clicking on a link or downloading an attachment from an unknown sender. Zero-click attacks do not require this sort of engagement. According to the interim […]
Meet Your InfoSec Team: Denise Woodward, Information Security Manager
Denise Woodward is an Information Security Manager in Governance, Risk, and Compliance for our Office of Information Security. She has 27 years of experience in IT, 22 of which are in information security. She got her start in information security working on the Help Desk of A.G. Edwards & Sons and has enjoyed solving problems […]
Revised and Updated Policies 2021
The Washington University Office of Information Security (OIS) supports education, research, and clinical care by protecting systems and data for everyone at our institution. Security threats today are constantly changing as cybercriminals try new tactics to steal and hold ransom user and institutional data. To adapt to changes in the information security landscape, the OIS […]
Thank You for Participating in Cybersecurity Awareness Month 2020
The Office of Information Security extends its gratitude to the faculty, staff, and students who participated in the events and activities of Cybersecurity Awareness Month 2020! During the month of October, we hosted a slate of webinars and presentations to help our community stay informed and empowered in the digital era. This year, our program […]
E-Waste Recycling and Light Bulb Swap
The Office of Sustainability and the Office of Information Security are planning an e-waste recycling and light bulb swap event for Cybersecurity Awareness Month (October 2020). All hard drives collected in this drive will be securely and safely recycled by certified vendors. On the last Thursday of October (10/29) and first Thursday of November (11/5), the Office of […]
INFOGRAPHIC: Recognizing and Avoiding Business Email Compromise Attacks
INFOGRAPHIC: Practical Advice for Avoiding Phishing Emails
INFOGRAPHIC: Your Connected Healthcare
Welcome to Cybersecurity Awareness Month from CISO Kevin Hardcastle
Dear WashU community, Cybersecurity Awareness Month has arrived! Cybersecurity Awareness Month was launched in October 2004 by the National Cybersecurity Alliance and the U.S. Department of Homeland Security as a joint effort to raise awareness of cybersecurity issues and help people stay safe online. Now in its 17th year, Cybersecurity Awareness Month is observed around […]
WEBINAR: Topics in Security with Brian Allen
Information Security Manager Brian Allen will deliver a presentation on some of the most important topics in information security today. Brian will discuss the latest incidents and vulnerabilities detected on the WashU network during the last year and look at some new tools we have available to detect and remediate threats. We will be releasing […]
Revised and Updated Policies 2020
The Washington University Office of Information Security maintains a sustainable information security program supporting the vital work of education, research, and clinical care while also protecting our systems and users’ security. We can only achieve strong information security for all if we each take personal responsibility for ensuring our systems’ security. We continuously improve our […]
October is Cybersecurity Awareness Month
Cybersecurity Awareness Month is here! Cybersecurity Awareness Month is a global effort to help everyone stay protected whenever and however they connect. The overarching theme for the month is, “Do Your Part, #BeCyberSmart.” The Office of Information Security is proud to be a Cybersecurity Awareness Month Champion, supporting online safety throughout the year. We’re here […]
Information Security Manager Brian Allen to Speak at Virtual Zeek Week 2020
Information Security Manager Brian Allen will deliver a presentation entitled “Zeek, and Splunk, and Alertus, oh My” during Virtual Zeek Week 2020. This is a single session of a larger event that includes many opportunities to learn about technical aspects of the work being done by information security professionals. Details for registering for Virtual Zeek […]
Cybersecurity Awareness Month Is Right Around the Corner
October is Cybersecurity Awareness Month. Cybersecurity Awareness Month was launched as National Cybersecurity Awareness Month in October 2004 as a joint effort between the National Cyber Security Alliance and the U.S. Department of Homeland Security. The objective of National Cybersecurity Awareness Month was to raise awareness of the importance of cybersecurity and offer resources to […]
National Cybersecurity Awareness Month (NCSAM) is Coming!
WashU InfoSec is honored to be among institutions named NCSAM Champions. We champion the cause of information security in our community by offering information, resources, and events throughout the year with special offerings during NCSAM every October. Stay tuned for our schedule of October events to help you #BeCyberSmart. To see a complete list of […]