Cybersecurity Awareness Month in October is a global effort to help everyone stay protected whenever and however they connect. The theme for the month is “It’s easy to stay safe online,” and The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help […]
The Office of Information Security (OIS) supports WashU’s mission of excellence in teaching, research, and patient care by assessing the security of the tools our community uses every day to do our work. Faculty and researchers often have specific needs for secure storage and communication services and unique needs for tools that aid student engagement, […]
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in our efforts. For this year’s Cybersecurity Awareness Month, we broadened the range of topics covered by our knowledge test, and we increased our prize amounts accordingly. We hope that taking this quiz and playing the […]
Do you want to know how security plays into research at WashU? Please join Michael Mayer, Information Security Analyst III, with the Office of Information Security, and bring your questions about how to secure your research. Mark your calendars and join us via Zoom on October 11 at 12 pm CST. This webinar is exclusively […]
Greg Whipple, Information Security Analyst III, is new to the Digital Forensics and Incident Response Team. In his role, Greg will perform forensic analysis of log data to further investigations into potential system compromises. Greg will also recommend ways to improve our processes and tools. Greg started his journey in information security with the US […]
Apple recently released a critical software update for all iOS (iPhones and iPads) and macOS devices designated iOS 15.6.1 and macOS 12.5.1. With the launch of these updates, Apple took the increasingly common step of alerting users that these updates patch vulnerabilities that criminals may actively exploit. Please update your iOS and macOS devices as […]
Letter from the CISO, Vol 2 Issue 2 Washington University Community: Why Do Cars Have Brakes? Why do cars have brakes? The obvious answer is that it helps them slow down and stop. The “real” counter-intuitive reason is that brakes let cars go fast. Imagine the panic and fear of being in a car that […]
Letter from the CISO, Vol 2 Issue 1 Washington University Community: Who’s responsible for Information Security at WashU? It seems like an odd question for me to ask since I’m the Chief Information Security Officer, but I ask it anyway. I know information security is my responsibility. Or, at least, it’s usually the person in […]
Many in the WashU community will travel this summer, visiting friends and family, taking vacations, attending classes and summer programs, staking out new study abroad opportunities, conducting research, or meeting with colleagues. The long days of summer ahead provide time to rest, relax, and recharge while also renewing professional and academic pursuits through research, collaboration, […]
Website Scavenger Hunt Ends Soon (Win $250) Please take some time to visit our website scavenger hunt for a chance to win $250 in Bear Bucks if you haven’t already. This competition ends tomorrow at midnight, so get your entry in soon to learn about some key resources and secure your chance to win. Chance […]
The Office of Information Security’s website is full of helpful resources and information for keeping you more secure online. To encourage you to become more familiar with what our website has to offer, the OIS office is holding a virtual scavenger hunt featuring a chance to win $250 in Bear Bucks! How to Participate Follow […]
The Office of Resource Management (ORM) plays an essential part in our day-to-day lives and operations at WashU. The office, home to more than 20 staff members, encompasses the departments of Purchasing Services, Furniture and Design, and Supplier Diversity and Mail Services. People from every department and role in the university community interact with the […]
Letter from the CISO, Vol 1 Issue 11 Washington University Community: There are only two things to worry about—that things will never get back to normal, or . . . that they already have. In other words, the only constant in life is change, and Information Security is no exception. I sometimes worry that I […]
Spring has arrived, and with it, the age-old tradition of spring cleaning. Getting organized, cleaning up your computer, and checking on your security hygiene will make your life easier as you approach the end-of-semester push toward summer adventures! As you clear away the cobwebs and shake off the dust of winter, also remember to clean […]
The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we’re introducing new security features in Office 365 and running another prize competition! March Prize Giveaway We had a great turnout for our February Information Security prize giveaway, so we’re doing it again this month! […]
For the past three years, Quint Smith, Information Security Training and Communications Manager, has been building and managing the InfoSec marketing, communications, and culture program. He aims to encourage an informed, aware, and empowered user community, resilient to the continually evolving cyber threat landscape. He says, “information security is an arms race, and technical defenses […]
In the IRB Security Review process, our team works with research coordinators to evaluate security risks involved in the research process.
Spring Break is on the horizon, and many in the WashU community plan to travel for conferences, study away, research opportunities, and maybe even a little rest and relaxation! Smartphones and other digital devices are an integral part of our everyday lives, and they can make travel seem like a blissful dream. Helpful capabilities—your digital […]
By now, we’re all intimately familiar with the benefits and drawbacks of working from home. You may have been working from home for most of the pandemic, are a hybrid employee, or simply take your work or devices home for breaks and weekends. Whatever your unique situation, you probably have direct experience walking the increasingly […]
Increasingly, research sponsors require grantees meet strict security requirements to protect the data and systems used in funded projects.
Letter from the CISO, Vol 1 Issue 8 Washington University Community: This is the National Cybersecurity Alliance’s Data Privacy Week (https://staysafeonline.org/data-privacy-week/), and because security is closely related to privacy, I thought I’d say a few things about it. The “right to privacy” was defined by Justice Louis Brandeis in an 1890 article as the right […]
There are many reasons to care about research security. Researchers depend on the availability and integrity of their research data to continue the vital work of innovation, discovery, and improvement. Research participants rely on researchers and their teams to protect their information and privacy at every stage of the research process. These responsibilities are core […]
Washington University Community: Modern computers and mobile devices are so complex that they invariably have unintended flaws. Some of these flaws create vulnerabilities by which cybercriminals can attack your computer, tablet, or phone. In fact, these vulnerabilities are one of the most common ways devices are hacked. The good news is that it is surprisingly […]
The first step in developing a security strategy for your research is to know how your data are classified. Data classification, the process of categorizing data according to risk level, empowers you to select the right tools and services to protect your research.
WashU faculty, staff, and students regularly generate data through research. Safeguarding these data is crucial to protecting the privacy of research participants, the intellectual property of WashU researchers, the security of WashU systems, and the public’s trust in WashU. The Office of Information Security works with researchers, offering tools, services, and guidance to protect research, […]
Cybersecurity Awareness Month 2021 is in the rearview mirror! This year, we set out on the Road to Cybersecurity together. We hosted several events, sent out weekly security tips, and published a great newsletter full of original content authored by WashU’s information security staff. Competitions Our Cybersecurity Awareness Month competitions are always popular. In 2020, […]
Michael Mayer is an Information Security Analyst II working in Governance, Risk, and Compliance. This part of our office is a critical component of our information security posture. Michael cooperates with researchers and other university offices in support of safe and ethical research. He works with the Institutional Review Board to evaluate security requirements for […]
Did you know that there are more than three million open positions in cybersecurity today? There is a huge demand for cybersecurity professionals today, and the Bureau of Labor Statistics predicts that this trend will continue for the next decade and beyond. This high demand means opportunity, competitive salaries, and job security. Effective cybersecurity requires […]
Letter from the CISO, Vol 1 Issue 4 Washington University Community: Physical safety is a fundamental need of all animals, humans, computer systems, and devices. Last month I encouraged everyone to adopt a healthy dose of skepticism and paranoia regarding email, text, and social media messages to avoid becoming victims of social engineering attacks. This […]
Cybersecurity Awareness Month is here! Cybersecurity Awareness Month is a global effort to help everyone stay protected whenever and however they connect. The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help every member of our community gain the knowledge and tools […]
Denise Woodward is an Information Security Manager in Governance, Risk, and Compliance for our Office of Information Security. She has 27 years of experience in IT, 22 of which are in information security. She got her start in information security working on the Help Desk of A.G. Edwards & Sons and has enjoyed solving problems […]
2023 marks 20 Years of Cybersecurity Awareness Month! The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help every member of our community gain the knowledge and tools to be safe online. All month long, we are promoting key behaviors to encourage […]
Apple recently released a critical software update for all Apple devices designated iOS 14.8, macOS Big Sur 11.6, and watchOS 7.6.2. Apple issued these emergency updates in response to reports that “zero-click” spyware has been discovered on their devices. Users can update their own devices using the following steps (please note that download times may […]
Letter from the CISO, Vol 1 Issue 3 Washington University Community: “Keep Information Security Simple” has been my motto for nearly a decade. This month, I’d like to share an important thing that everyone can do to improve our security—slow down, just a little bit because haste makes good people fall for bad tricks. In the first […]
Washington University Community: Thank you for the positive feedback on June’s first issue of our new Information Security Bulletin, “Secured!” If you missed it, you can read it and other articles of interest at https://informationsecurity.wustl.edu/blog/. For almost a decade, I’ve been trying to “Keep Information Security Simple” (KISS) for my clients, employers, and friends. KISS is […]
Washington University recently adopted Workday, a cloud-based software system for managing finances, human resources, and planning. The new system provides a single, integrated system for managing multiple facets of daily operations at WashU. WashU takes the security of your data and our systems seriously. Therefore, the system that we use to manage sensitive information such […]
These pages provide a general overview of capabilities to appropriately safeguard controlled unclassified information (CUI) at Washington University in St. Louis. Overview The federal government requires minimum security requirements for certain federal information and systems that house or transmit sensitive information defined as Controlled Unclassified Information (CUI). These security standards are set forth by the National […]
Device security is essential for protecting your privacy and data. Sound device security involves using features built into your devices, such as setting a passcode or adjusting privacy settings and protecting the physical security of the device itself. Devices are valuable and are enticing to opportunistic passersby, whether they are after the device itself or […]
Most of us rely heavily on our computers and personal devices to do our jobs, shop for our households, navigate unfamiliar roads, communicate with others, and myriad other tasks. Today, we may take this continuous access to the Internet as a given, hopping on and off networks as we move through the world, allowing location […]
Tax season is here again, and as always, that means internet scammers are looking for openings to take advantage of heightened online traffic. According to IRS Commissioner Chuck Rettig, “This is generally the hunting season for online thieves, but this year there’s a dangerous combination of factors at play that should make people more alert” […]
Our office received a report of a vishing (fraudulent phone call) attack targeting a WashU student. In the attack, the caller claimed that the student’s social security number had been associated with overseas drug-trafficking activity. Another popular Vishing campaign involves impersonating support personnel from companies like Apple or Amazon. In this scam, the attackers call […]
The holiday season is here! As we prepare our hearths and homes to celebrate the holidays with friends and family, we sense that this season will be different. According to the National Retail Federation (https://nrf.com/media-center/press-releases/nrf-expects-holiday-sales-will-grow-between-36-and-52-percent ), online sales are expected to grow by at least 30% this year, adapting to the constraints of a pandemic […]
The Office of Information Security extends its gratitude to the faculty, staff, and students who participated in the events and activities of Cybersecurity Awareness Month 2020! During the month of October, we hosted a slate of webinars and presentations to help our community stay informed and empowered in the digital era. This year, our program […]
During the week of October 26, multiple federal agencies notified Washington University of a credible cybersecurity threat to US health care providers. This threat has impacted several hospitals across the country within the last few days, and intelligence officials suggest several hundred more may be targeted in the near future. Washington University has a dedicated […]
Dear WashU community, Cybersecurity Awareness Month has arrived! Cybersecurity Awareness Month was launched in October 2004 by the National Cybersecurity Alliance and the U.S. Department of Homeland Security as a joint effort to raise awareness of cybersecurity issues and help people stay safe online. Now in its 17th year, Cybersecurity Awareness Month is observed around […]
Cybersecurity Awareness Month is here! Cybersecurity Awareness Month is a global effort to help everyone stay protected whenever and however they connect. The overarching theme for the month is, “Do Your Part, #BeCyberSmart.” The Office of Information Security is proud to be a Cybersecurity Awareness Month Champion, supporting online safety throughout the year. We’re here […]
October is Cybersecurity Awareness Month. Cybersecurity Awareness Month was launched as National Cybersecurity Awareness Month in October 2004 as a joint effort between the National Cyber Security Alliance and the U.S. Department of Homeland Security. The objective of National Cybersecurity Awareness Month was to raise awareness of the importance of cybersecurity and offer resources to […]
The HIPAA Privacy Office, WashU IT, and the Office of Information Security invite you to attend a one-hour discussion and Q&A about safely handling protected data and using WUSTLBox to develop a secure workflow. Hosts will include Christine Schorb, HIPAA Privacy Officer, Eric Suiter, Systems Engineer with expertise in WUSTLBox, and Kevin Hardcastle, Chief Information […]
WashU InfoSec is honored to be among institutions named NCSAM Champions. We champion the cause of information security in our community by offering information, resources, and events throughout the year with special offerings during NCSAM every October. Stay tuned for our schedule of October events to help you #BeCyberSmart. To see a complete list of […]
Law enforcement and government agencies, including the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), have issued warnings about criminal activity targeting COVID research. Below, you will find links to relevant guidance and announcements about this threat. FBI director says China seeks to compromise U.S. firms researching coronavirus – WaPo […]