Cybersecurity Awareness Month is now in its 18th year. The effort serves as a timely reminder for organizations across all sectors to reevaluate their cybersecurity posture.
For 2021, the theme is ‘Do Your Part. #BeCyberSmart,’ helping to empower individuals and organizations to own their role in protecting their part of cyberspace. Throughout October, we will leverage this theme to provide various resources on the NYU IT Security Awareness web page. The page will be changing each week to focus on different cybersecurity topics, and the Global Office of Information Security (GOIS) will be sharing tips, videos, games, and more.
2021 has been a tumultuous year of cyberattacks across all industries. This year, ransomware attacks have disrupted schools, healthcare organizations, fuel pipelines, food suppliers, and several organizations, impacting public health, the supply chain, and national and economic safety and security. The significant spike in ransomware illustrates that no sector has been or will be spared. As a result, all sectors, including higher ed, must recognize the importance of enhancing their cyber hygiene to ensure continued operations.
So, while we celebrate Cybersecurity Awareness month each October, it’s crucial that we remain informed and prepared for cyber threats year-round. Headlines remind us all too well that these attacks have technical, financial, reputational, legal, and compliance implications. But they also highlight the consequential operational disruptions, preventing schools from conducting classes or limiting access to critical systems and applications – things none of us want to see at NYU.
It is also a reminder that we must prioritize security initiatives to achieve a more robust risk-based security posture all year round. This is an opportunity for us to consider what can or needs to be done to make NYU more secure every day—taking steps to consider how we can improve our security to meet the expanding cyber challenges head-on continuously. Whether that’s educating our users about the dangers of ransomware or phishing attacks, safeguarding passwords and access privileges, using DUO multi-factor authentication, or implementing more robust information security policies, these measures will help reduce the cyber risks of working remotely or being on campus.
This Cybersecurity Awareness Month, it’s essential that all of us in the NYU community recognize our roles and remain informed. Each of us must be a cyber ambassador for NYU to prevent our community from falling victim to ransomware or other malicious cyber activity that can disrupt our operations. All of us must be ready to respond and have the necessary knowledge, skills, and judgment to mitigate this ever-growing, fast-paced risk to avoid potentially devastating attacks from harming NYU.
Some resources and quick tips:
- Remember, do not click on embedded links or attachments in unexpected or unfamiliar messages because even a click on a malicious element can trigger malware.
- If you see a message on your screen telling you that your computer is locked and your files are encrypted, or if you notice that your file extensions are beginning to change, immediately disconnect from the network and all connected systems. Next, for help, immediately notify security@nyu.edu, AskIT@nyu.edu, and your local IT administrator, with an email subject line “URGENT: Ransomware”, and inform your manager.
- Update/patch your devices regularly as updates address known vulnerabilities.
- Report a known or suspected security incident to security@nyu.edu.
- If you have questions about the legitimacy of a message received, send an email to: phishing@nyu.edu.
- To find out when Cybersecurity Awareness Training will be available at your school or unit, send an email to: cybersecurity-awareness-training@nyu.edu.
- Visit the GOIS and the Security Awareness web pages periodically to access helpful resources and information on NYU’s security controls.
Remember, security awareness starts at the individual level – #BeCyberSmart!
And on behalf of the entire security team, I want to thank you for your ongoing support to advance NYU’s information security posture.