Keeping Information Security Simple – Are you cyber-resilient?
Letter from the CISO, Vol 4 Issue 5 WashU Community: I recently attended an executive education program on “Cyber Resilience” with Chief Information Security Officers (CISOs) from many large organizations, some even global enterprises, and it was amazing how similar our challenges are. Cyber resilience is ensuring things keep working despite adverse cyber incidents The […]
Cybersecurity Awareness Month 2024 Recap
Cybersecurity Awareness Month 2024 is coming to a close. This year, we hosted two webinars, promoted key behaviors to encourage every employee to take control of their online lives, and published weekly newsletters full of content authored by the Office of Information Security. Below, you will find a recap of some of the key events […]
Season of Sharing: Metadata Safety Tips for the Holidays
As the holidays approach, many of us will be snapping photos and sharing our celebration recaps through various applications on our devices. While this connectivity can enhance our experience, it also exposes us to potential security risks. Understanding how our metadata—such as location, photos, and app-sharing permissions—can be compromised is crucial for maintaining our privacy […]
Scam of the Month: VITAL ALERT! READ N0W!
The Office of Information Security has observed a trend in which criminals advertise a job using a student’s email address from Clark Atlanta University. Impersonation is one of the most effective social engineering tactics scammers use, and it can be particularly enticing if offered employment. If you see a message like the one below, please […]
Careers in InfoSec: From Media Development to Building Security Culture
With the highly technical appearance of information security, entering the field may seem daunting. What does it actually take to work in information security? In this series, we’ll cover WashU’s information security professionals and how they got to where they are now. Let me introduce you to my boss, Quint Smith. What is your current […]
Meet Your InfoSec Team: Allison Webster, Information Security Policy Advocate
Allison Webster, our Information Security Policy Advocate, is one of the newest members of the InfoSec team at WashU. In her role, she supports the Awareness, Behavior, and Culture (ABC) program by collaborating on strategies to raise security awareness and communicating InfoSec policies, standards, and guidelines to the WashU community. At Washington University, Allison is […]
Reality Hijacked: Deepfakes, GenAI, and the Emergent Threat of Synthetic Media
Watch this on-demand webinar (1:06:11) where Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4, spotlights how criminals weaponize artificial intelligence.
Email Safety Tips
Securing Mobile Devices
Device security is essential for protecting your privacy and data. Top-notch device security involves tweaking built-in features. Protect your devices and data using the strategies in the how-to guides below.
The Dangers of AI Art and Deepfakes
Artificial intelligence art generators are trained on billions of existing images. When you enter a prompt, the AI art generator builds an image by combining aspects of its training data into a single image. Meanwhile, deepfakes are trained on photographs and videos of one subject to replicate that subject. Deepfake technology can depict a person […]
QR Code Safety
QR codes (quick-response codes) were originally designed to label automobile parts, but today, we can find them in advertisements, restaurants, museums, mobile ticketing, and many other areas. Since both Androids and iPhones can scan QR codes in the camera app, QR codes provide faster access to a website than manually typing a URL. While convenient, the […]
Spot the Fake Login
Scammers can create fake login screens that are strikingly similar to legitimate ones. One of the login screens pictured above is our true WUSTL login screen, and the other is an imitation. Can you spot all of the differences? To make this more challenging, we’ve cropped out the URL from each login screenshot. Seeing the […]
Stay Safer with Multifactor Authentication
Multifactor authentication provides another layer of security for online accounts. The first “factor” for an account is usually a password, and any additional authentication step makes it harder for a hacker to access your account. Common multifactor authentication offerings are codes sent via text or email, dedicated authenticator apps like Duo, and fingerprint or facial […]
Managing Passwords
Using strong passwords with the help of a password manager is one of the easiest ways to protect your accounts and keep our information safe. Let a password manager do the work A password manager creates, stores, and fills passwords for us automatically. This way, we only have to remember one strong password—for the password […]
Cyber Risks at a New Job
The onboarding process creates a unique set of security risks. As new employees, we’re often eager to make a good impression, but we have little institutional knowledge. These factors make new employees valuable targets for hackers. Due to unfamiliarity with WashU’s processes and security protocols, a new employee might not know how to recognize an email […]