Cybersecurity Identity Theft Resources

[Joanna Grama <jgrama () EDUCAUSE EDU>]

Good morning,

I expect that many campuses and IT leaders are thinking about whether or how to issue campus communications about the 
recent Equifax breach. You may also be wondering about what steps to take right now to protect your own identity if 
your information was included in the Equifax breach.

The Higher Education Information Security Council 
(HEISC)<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/about> and 
EDUCAUSE Cybersecurity 
Program<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/about> have 
created a number of identity theft related-resources that you may wish to use as templates for campus communications. 
These resources were created by HEISC working groups-information security and privacy professionals with great 
experience in these topics.  I hope that these resources are useful to you and serve to complement campus resources 
prepared by your information security and privacy teams.

Campus Security Awareness Campaign 
Materials<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/community-engagement/security-awareness>.
 The campaign provides monthly security awareness topics that information security professionals and IT communicators 
can integrate into campus communications. Using the additional ready-made content below, you can create a steady stream 
of privacy and security awareness information for students, faculty, and staff. The following items of ready-made 
content are most pertinent to responses to the Equifax breach:

*       January 2017: Keep What's Private, 
Private<http://er.educause.edu/blogs/2016/11/january-2017-keep-whats-private-private>

*       April 2017: Don't Be Fooled! Protect Yourself and Your Identity 
<http://er.educause.edu/blogs/2016/11/april-2017-dont-be-fooled-protect-yourself-and-your-identity>

  *   June 2017: Basic Steps to Online Safety and Security 
<http://er.educause.edu/blogs/2016/11/june-2017-basic-steps-to-online-safety-and-security>
  *   July 2017: Think You've Been Hacked? Here's How to Shake It Off! 
<http://er.educause.edu/blogs/2016/11/july-2017-think-youve-been-hacked-heres-how-to-shake-it-off>
  *   January 2016: Guard Your Privacy Online <http://er.educause.edu/blogs/2015/12/january-guard-your-privacy-online>

*       November 2016: Identity Theft-It Could Happen to 
You<http://er.educause.edu/blogs/2016/6/november-identity-theft-it-could-happen-to-you>

The EDUCAUSE library also has a number of links to other sources with valuable identity theft information.  You can 
find the library page here: https://library.educause.edu/topics/policy-and-law/identity-theft   (As a victim of 
identity theft, I found the Federal Trade Commission's resources most helpful.)

Some people have posted about personal identity theft and credit monitoring services. Unfortunately, we do not have 
resources to share on such policies for individuals.  I look forward to hearing your discussions on the pros/cons of 
various services and whether or not your institution provides such insurance to faculty/staff as part of a benefits 
package, or to students as a helpful service.

Kind regards,
Joanna

(This message has been cross-posted to the EDUCAUSE CIO and SECURITY listservs.)

Joanna Grama, JD, CISSP, CRISC, CIPT
Director of Cybersecurity and IT GRC Programs

EDUCAUSE
Uncommon Thinking for the Common Good
282 Century Place, Suite 5000, Louisville, CO 80027
direct: 720.406.6769 | cell: 720.507.5983 | jgrama () educause edu<mailto:jgrama () educause edu>

Become a Member- Everyone at your organization is an EDUCAUSE member when you join | Access discounts, resources, and 
valuable peer networks | Discover membership<https://www.educause.edu/about/discover-membership>