Category Archives: Special News

21st annual Cybersecurity Awareness Month

Greetings Simmons Community,

As we enter October, we celebrate the 21st annual Cybersecurity Awareness Month. This year’s theme, “Secure Our World,” emphasizes the importance of daily actions to reduce online risks. As your Information Security Officer, I’m committed to fostering a secure digital environment for our entire university community.

Focus on the Human Element

This year, we’re highlighting the crucial role each individual plays in cybersecurity. By making smart decisions online, whether at work, home, or school, we can collectively enhance our digital safety.

Four Key Actions to Enhance Your Cybersecurity

  1. Enable Multi-Factor Authentication (MFA) Utilize SharkPass/Duo to add the extra layer of security provided to you for Simmons accounts to other third-party accounts.
  1. Use Strong Passwords Create unique, complex, strong passwords for all accounts. Consider using a password manager for added security.
  1. Recognize and Report Phishing Stay vigilant against unsolicited messages requesting personal information. Report suspicious emails to Technology.
  1. Update Your Software Regularly Ensure all your devices have the latest security patches and updates.

Cybersecurity in Education

Simmons University is proud to be designated as a Center for Academic Excellence in Cybersecurity Education by the NSA. This recognition underscores our commitment to preparing students for the evolving cybersecurity landscape. This prestigious recognition places Simmons among a select group of institutions nationwide dedicated to reducing vulnerabilities in national information infrastructure.

Stay Safe During Election Season

As we approach the 2024 election, it’s essential to be vigilant about cybersecurity. Here are key strategies to protect yourself:

Verify Voter Registration Sites

  • Check for Official Domains: Always look for .gov endings.
  • Go Directly to State Websites: Avoid clicking on links; use trusted sources like Vote.org.

Avoid Donation Scams

  • Use Trusted Platforms: Donate through ActBlue for Democrats and WinRed for Republicans.
  • Be Cautious with Informal Methods: Avoid sending donations via messaging apps.

Spot Misleading Political Ads

  • Check the Source: Look for credible references in ads.
  • Cross-Verify Claims: Use trusted news outlets to confirm information.

Navigate Social Media Safely

  • Fact-Check Surprising Claims: Use reliable sources like FactCheck.org.
  • Be Careful with Sharing: Avoid spreading unverified posts.

Protect Against Phishing

  • Be Wary of Unsolicited Messages: Don’t click links or download attachments from unknown senders.
  • Report Suspicious Emails: Notify Technology.

By practicing these strategies, you can help create a safer online environment during this critical election period.

Remember, cybersecurity is a shared responsibility. By working together, we can create a safer digital environment for our entire Simmons community.

Stay secure, 

Kristen Howard 

Simmons Information Security Officer

October is CyberSecurity Awareness Month

Greetings! I’m Kristen Howard, the new Information Security Officer at Simmons University. My main goal is to work with faculty, staff, and students to raise awareness about cybersecurity and foster a secure online setting. By partnering together, we can protect the university’s information and enable a safe and effective digital environment for everyone in our community.

This month we will focus on the human role in cybersecurity.

See Yourself in Cyber. #BeCyberSmart.

Even though cybersecurity may seem like a complex subject, ultimately, it’s really all about people. This month we focus on the “people” part of cybersecurity, providing information and resources to help everyone make smarter decisions whether on the job, at home, or at school. 

4 Things You Can Do to #BeCyberSmart

Security Awareness Training and Phishing Tests

One of the ways we can protect ourselves is through security training on a regular basis.  This reinforces our knowledge of cybersecurity over time and becomes part of our subconscious defense behavior.  Beginning in November, we will make short learning videos available on a monthly basis for people to review.  After that, it’s time to test our Phishing skills and apply what we have learned in the form of fake Phishing emails.  Can you spot the Phish?   

About Your Role

When we say See Yourself in Cyber, we mean see yourself in cyber no matter what role you play. As an individual or consumer, take steps to protect your online information and privacy. Faculty, staff, and service providers can take ownership of their role by putting cybersecurity in place to prevent incidents while protecting the University’s brand and reputation. Administrators support critical operations and are a part of the network of functions and systems that others rely on.

Remember: your role plays an important part in ensuring cybersecurity for the larger ecosystem!

Avoid Becoming a Social Engineering Victim – Four Questions to Ask Yourself:

Social engineering is a scam where a cybercriminal attempts to trick someone into taking an action against their own best interests. Usually, the action results in the victim providing confidential information (like their login information) or installing malware on their computer. Most social engineering attacks have four common traits, which signal a far higher likelihood of a scam if all are present.

Image describe process of possible scenarios

Long Image Description:

Did the message arrive unexpectedly? Yes. Is it the first time the sender has asked you to perform the requested action? Yes. Does the request include a stressor, such as “You need to do this now”? Yes. Can performing the request harm your interest? Yes. If you answer yes to all of them, you should go out of your way to confirm the request is legitimate. Use a trusted method like calling or texting the sender before taking any action.

Not every message with these four traits is absolutely a social engineering scam. Our email inboxes, voicemail and postal mailboxes are full of unexpected requests; that is life. But when these four traits are present, stop, look, and think before you act!

Phishing and Social Engineering 

Phishing and social engineering campaigns are still a top source of ransomware and other malware[1]. 

Phishing is a type of cybersecurity attack where malicious actors send messages pretending to be a trusted person.  Social Engineering is the psychological manipulation of people into performing actions like installing malicious software, clicking a malicious link, or divulging sensitive information.

Reduce your chances of your falling victim to phishing attacks!

Beware of messages that:

  • Do not clearly identify themselves or their company
  • Come from an email address that does not match the company’s domain
  • Do not give full contact information such as the title of sender, the company’s physical address, or phone number
  • Make too good to be true offers with no strings attached
  • Ask to pay an upfront fee or asks you to transfer money for them
  • Ask to give your credit card or bank account numbers
  • Ask to send copies of personal documents
  • Remember: DO NOT provide any personal information, especially Social Security numbers or financial information. Legitimate companies would not ask for this information over the phone or email.

If an email looks suspicious, do not respond and do not click on any links or attachments. When available, “Report phishing” to block other suspicious emails.

[1] 2023 Verizon Data Breach Investigations Report (DBIR)

Please send any questions or concerns to Simmons Information Security Officer, Kristen Howard, or the Technology Service Desk.

October is CyberSecurity Awareness Month

Cybersecurity & Infrastructure Security Agency Logo

See Yourself in Cyber. #BeCyberSmart.

Even though cybersecurity may seem like a complex subject, ultimately, it’s really all about people. This month we focus on the “people” part of cybersecurity, providing information and resources to help everyone make smarter decisions whether on the job, at home, or at school. 

4 Things You Can Do to #BeCyberSmart

About Your Role

When we say See Yourself in Cyber, we mean see yourself in cyber no matter what role you play. As an individual or consumer, take steps to protect your online information and privacy. Faculty, staff, and service providers can take ownership of their role by putting cybersecurity in place to prevent incidents while protecting the University’s brand and reputation. Administrators support critical operations and are a part of the network of functions and systems that others rely on.

Remember: your role plays an important part in ensuring cybersecurity for the larger ecosystem!