Security Office broadens awareness efforts across campus
During 2018-2019, the Information Security Office increased its outreach efforts to make students, staff and faculty more aware of the importance of information security.
The pinnacle of the Information Security Office’s outreach efforts each year is its SecurityCon event during October’s National Cyber Security Awareness Month (NCSAM).
Throughout the year, ISO keeps students, faculty and staff up to date on the latest information security practices via tech fairs and Splunk workshops.
Focusing on October
Each year during National Cyber Security Awareness Month, the Information Security Office launches a campus-wide campaign to focus on a specific aspect of information security. In the past, campaigns centered around topics such as phishing and patching systems. In October 2019, the Security Office focused on safe computing and increasing student engagement with the safe computing resources and tips that it provides on its website.
“The drive behind getting people engaged with safecomputing.unc.edu is to give them the resources they need to protect both their personal and University data,” said Charlie Mewshaw, Security Operations and Incident Handling Team Lead.
SecurityCon is ISO’s largest on-campus event. More than 200 people attended the day-long event on October 9, 2019, at the Student Union. ISO consolidated into one day a keynote address, two discussion panels, tech demos, an interactive hacking competition, networking opportunities, free pizza for lunch and other giveaways. Attendance for the day was up from 2018.
In other activities during NCSAM 2019, ISO staff members set up pop-up tables near Wilson Library. The Security Office professionals provided students information security-related giveaways to help boost awareness of cyber security.
Boosted on-campus engagement
The ISO also increased its presence across campus and the community with its participation in on-campus tech fairs. At the 2018 tech fair, the ISO set up a booth to teach students about how they can identify phishing practices. Joining those manning the booth was Gil Phish, a smiling blue-and-white fish costume worn by an ISO staffer to further promote cybersecurity awareness to students.
In February 2019, ITS helped organize a Splunk workshop geared towards security for professionals across campus and within ITS. The successful event drew nearly 60 attendees. It provided a scenario-based walk through of a system compromise against a real-world data set. Attendees learned how Splunk could improve hunting and incident response capabilities.
Splunk has many on-campus customers who consult the group regularly for security investigations. The workshop emphasized security incident response and was the first on-campus workshop dedicated to this topic. Splunk is considering hosting more focused workshops in the future after receiving the positive feedback from the security incident response workshop.
With activities and other outreach through the year, the ISO demonstrates its commitment to providing Carolina community members with the materials and information they need to carry out proper information security practices.