News

National Public Data, a background check company, confirmed in August that it suffered a data breach leaking names, email addresses, phone numbers, social security numbers, and mailing addresses.   Fortunately, there are many free and accessible steps you can take to defend against identity theft:  Indicators of Identity Theft  What to do if your information is […]

Dean Boenzi, Information Security Analyst III, is one of the newest InfoSec team members. Dean’s primary duties on the InfoSec team revolve around “ensuring data security and compliance.” He supports the Data Loss Prevention (DLP) program by “developing policies, conducting risk assessments, monitoring alerts, and investigating HIPAA violations to maintain patient privacy and to protect […]

Letter from the CISO, Vol 4 Issue 3 WashU Community:  As we all return to school and the fall semester, I wanted to emphasize the criticality of securing the most important online account you have.  No, not your WashU account! (Although that is important, too.)  Rather, it is your humble and largely taken-for-granted personal email […]

Cybersecurity threats continuously evolve, becoming more sophisticated, relentless, and hard to detect with each attempt. Helping the WashU Community learn how to recognize, avoid, and report these threats is crucial to protecting our institution, our research, and our people from bad actors who seek to steal and hold ransom the information and resources on which […]

Welcome back, students! We understand that starting a new semester will be hectic, so we’ve assembled key resources to assist with your security needs. Check out our curated list of advice and guidance to get you started. Device security is essential for protecting your privacy and data. Top-notch device security involves using features built into […]

The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this August. The Inside Man is a soap opera-style training that covers critical […]

The Office of Information Security has observed a trend in which criminals advertise a job while impersonating someone from a university in Mexico. Impersonation is one of the most effective social engineering tactics scammers use, and it can be particularly enticing if offered employment.    If you see a message like the one below, please do […]

The Office of Information Security is always looking for new ways to improve our website to provide the best experience for the WashU community! Our homepage is going through a design overhaul to make accessing the critical security information you need easier.  Our Current Homepage Our New Homepage Below is how the new homepage will […]

Letter from the CISO, Vol 4 Issue 2  Washington University Community:  Last Friday, all the news was about the millions of Windows computers around the world that had been taken down by a flawed CrowdStrike file update.  Starting in the wee hours of Friday morning, systems administrators and computer users everywhere were struggling to boot […]

In this series we are exploring key aspects of our Information Security Awareness, Behavior, and Culture program. If you are a regular reader of this newsletter, you may have read our first article in this series entitled Inside ABC: Awareness, Behavior, and Culture. If you missed that one, you may want to read it first […]

The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this July. The Inside Man is a soap opera-style training that covers critical […]

The Office of Information Security has observed a trend in which criminals advertise a job while impersonating someone from a university in Mexico. Impersonation is one of the most effective social engineering tactics scammers use, and it can be particularly enticing if offered employment.   If you see a message like the one below, please do […]

Jeremy Howard, security analyst III, is one of the newest members of our InfoSec team. Jeremy’s primary responsibilities as a Security Analyst III are to “manage and review events and increase the organization’s security posture by using our Data Loss Prevention program.” He also “provides guidance regarding information security pertaining to clinical workflows.” Jeremy notes […]

Letter from the CISO, Vol 4 Issue 1  Washington University Community:  An enormous amount of fraud is still being perpetuated via phone calls even though many people don’t use telephones very much. Cybercriminals seek your credit card or bank account numbers, access to your online bank accounts, and to install malware on your computer.  But […]

As more data, identities, and services move to the cloud, they are increasingly targets of threat actors with potentially life-altering consequences. In 2017, a breach of Equifax leaked the Social Security Numbers (SSNs) of 143 million Americans. While writing this article, Ticketmaster and its vendor, Snowflake, suffered a major data breach. Those are just two […]