Keeping Information Security Simple – CrowdStrike’s big goof and the importance of Cyber Hygiene
Letter from the CISO, Vol 4 Issue 2 Washington University Community: Last Friday, all the news was about the millions of Windows computers around the world that had been taken down by a flawed CrowdStrike file update. Starting in the wee hours of Friday morning, systems administrators and computer users everywhere were struggling to boot […]
Inside ABC: Our Monthly Newsletter
In this series we are exploring key aspects of our Information Security Awareness, Behavior, and Culture program. If you are a regular reader of this newsletter, you may have read our first article in this series entitled Inside ABC: Awareness, Behavior, and Culture. If you missed that one, you may want to read it first […]
Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this July. The Inside Man is a soap opera-style training that covers critical […]
Scam of the Month: Washington University – internship and management Programs – PAID
The Office of Information Security has observed a trend in which criminals advertise a job while impersonating someone from a university in Mexico. Impersonation is one of the most effective social engineering tactics scammers use, and it can be particularly enticing if offered employment. If you see a message like the one below, please do […]
Meet Your InfoSec Team: Jeremy Howard, Security Analyst III
Jeremy Howard, security analyst III, is one of the newest members of our InfoSec team. Jeremy’s primary responsibilities as a Security Analyst III are to “manage and review events and increase the organization’s security posture by using our Data Loss Prevention program.” He also “provides guidance regarding information security pertaining to clinical workflows.” Jeremy notes […]
Keeping Information Security Simple – “How to be a Telephone Fraud Prevention Hero”
Letter from the CISO, Vol 4 Issue 1 Washington University Community: An enormous amount of fraud is still being perpetuated via phone calls even though many people don’t use telephones very much. Cybercriminals seek your credit card or bank account numbers, access to your online bank accounts, and to install malware on your computer. But […]
Cloud Threats, Opportunities, and Safety
As more data, identities, and services move to the cloud, they are increasingly targets of threat actors with potentially life-altering consequences. In 2017, a breach of Equifax leaked the Social Security Numbers (SSNs) of 143 million Americans. While writing this article, Ticketmaster and its vendor, Snowflake, suffered a major data breach. Those are just two […]
Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this June. The Inside Man is a soap opera-style training that covers critical […]
Scam of the Month: Direct deposit bank account changed
The Office of Information Security observed a trend where criminals email members of our community false direct deposit change notifications with a malicious link. They hope the victim will click the link and give their WashU credentials or direct deposit information. Payroll Services does not change direct deposit information. Only employees can change it themselves […]
Meet Your InfoSec Team: Pete Nowikow, Information Security Analyst III
Pete Nowikow, information security analyst III, is one of the newest InfoSec team members. In his day-to-day role, Pete aids in designing and deploying Network Access Control (NAC, e.g., Cisco Identity Services Engine, or ISE). He also partners closely with the WUIT Network Engineering team and BJC. Pete will often work with several other departments, […]
Keeping Information Security Simple – “The Scariest Story and the 3 ‘U’-Word Indicators of a Cyber Con”
Letter from the CISO, Vol 3 Issue 12 Washington University Community: I sometimes fear that all the scary cybercrime stories I share will lose their motivating impact. And then I hear something even scarier. The scariest attack yet… The scariest attack I’ve heard to date is one in which people appear to receive a call […]
Inside ABC: Awareness, Behavior, and Culture
The WashU Office of Information Security (OIS) takes a holistic approach to security training and awareness. Our goal goes way beyond raising awareness through a required annual training. The Awareness, Behavior, and Culture (ABC) team aims to foster a resilient and adaptable security culture so WashU Community members know what to look out for, how […]
Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this May. The Inside Man is a soap opera-style training that covers critical […]
Scam of the Month: Duo Verification Code Text Phishing
Criminals who’ve stolen WUSTL Keys and passwords are masquerading as IT support over text messages to get us to enter Duo verification codes. Legitimate WashU employees will not ask you to enter codes into your Duo app. Only enter a verification code if you are logging in for yourself. Do not enter a code given […]
WashU IT’s Office of Information Security is fostering a strong security culture through policy updates
In support of ImpacT and the call to provide the university community with tools and the knowledge to safeguard and sustain our systems, data, and reputation, the Office of Information Security (OIS) has initiated a complete revision and expansion of the OIS policy library. The goal is to foster a strong security culture at WashU […]