Educause Security Discussion mailing list archives

Re: Identifying 3 CyberSecurity Literacy Topics for Students

From: Ken Munro <Ken.Munro () MSVU CA>
Date: Mon, 17 Aug 2020 23:02:06 +0000

Hi.

I am focusing on three main areas with students and faculty for this upcoming term:


  1.  Password safety and hygiene (which ties into phishing awareness in point 2 below), including wifi admin accounts, 
SSIDS, and wifi passwords
  2.  Scam awareness/social engineering, including phishing, vishing, spear phishing, BEC, USB stick attacks, tax 
scams, job scams, etc.
  3.  Software safety, the importance of installing updates for software , OS, antivirus, wifi firmware, etc.

These three were the main areas suggested to focus on in a SANS remote workforce training webinar I attended over the 
summer, and I think they make sense, especially with our campus being 99% remote this fall.

You could fit social media safety under the scam awareness section as information posted online could be used in a 
social engineering attack. There is also the reputational side of social media awareness, but I think of that as more 
of life skills than hard cybersecurity, albeit a good way to motivate people to be more careful about their online 
identities.

Cheers.

Ken Munro

________________________________________
Ken Munro
Security Compliance and Training Specialist
Information Technology and Services
Mount Saint Vincent University
166 Bedford Highway
Halifax, NS, Canada, B3M 2J6
(902) 457-6150
ken.munro () msvu ca<mailto:ken.munro () msvu ca>

Confidentiality Notice: This email may be private and confidential. If you have received this e-mail by mistake, please 
immediately notify the sender by e-mail or telephone, delete it from your system, and do not copy or distribute it.

Phishing Warning: IT&S does not request passwords or other personal information via email. Messages requesting such 
information are phishing attempts and should be deleted.


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Jason Edelstein
Sent: Monday, August 17, 2020 5:27 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Identifying 3 CyberSecurity Literacy Topics for Students


[ Email originated outside of MSVU, use extra caution. ]
I might, even though it's security-focused and these aren't the same thing... streeeeetch Todd's #3 (and many others 
who have said similar, I'm feelin' Eric Weakland's phrasing very much!) just enough to make the "privacy and security" 
label stick to this presentation. One of the reasons all of these things matter so much is precisely because of their 
privacy impacts - it's a good hook.

-je-

On 8/17/20 2:23 PM, Todd Watson wrote:
Hi Cathy,

From my perspective:

  1.  Social engineering
  2.  Account access controls to include password hygiene and MFA
  3.  Consequences to personal cybersecurity from over-sharing on social media

Hope these help!

Regards,

Dr. W. Todd Watson, CISSP
Information Security Officer
University System of Georgia
Cybersecurity
706-583-2400
todd () usg edu<mailto:todd () usg edu>

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU><mailto:SECURITY () LISTSERV 
EDUCAUSE EDU> on behalf of Cathy Hubbs <hubbs () AMERICAN EDU><mailto:hubbs () AMERICAN EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU><mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>
Date: Monday, August 17, 2020 at 1:53 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU"<mailto:SECURITY () LISTSERV EDUCAUSE EDU> <SECURITY () LISTSERV EDUCAUSE 
EDU><mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Identifying 3 CyberSecurity Literacy Topics for Students


 CAUTION: This email originated from outside of the USG System Office. Use caution replying or supplying information, 
clicking links or opening attachments. If you suspect the message is fraudulent, contact the Enterprise Service Center 
at 706-583-2001 or helpdesk () usg edu<mailto:helpdesk () usg edu>.

Good afternoon colleagues,
I have an opportunity to engage undergrad students in a single zoom session – introducing them to 3 cyber security 
literacy topics. I thought I would leveraage the brainpower of the HE community to hear what top 3 topics you would 
focus on if given this opportunity.

Thank you!

Cathy

Cathy Hubbs
Chief Information Security Officer
American University, Washington DC
Office of Information Technology



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.com/v3/__https:/nam02.safelinks.protection.outlook.com/?url=https*3A*2F*2Fwww.educause.edu*2Fcommunity&data=02*7C01*7Ctodd*40USG.EDU*7Cdfce397c2809494b5db608d842d67418*7C4711f877fb3a4f11aaab3c496800c23d*7C0*7C0*7C637332836127337559&sdata=E3G3DQoBTWkB6Q3UUdU8NAX8o48Zy*2Fom2v1ZllSOfdY*3D&reserved=0__;JSUlJSUlJSUlJSUlJSU!!BpyFHLRN4TMTrA!sK_k9DpUIdhrXUAVDlwB41DzZbEbsWVQiyQiOmMpnAjsemGT7peV6eyNAdGpMBvFfQ$>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.com/v3/__https:/www.educause.edu/community__;!!BpyFHLRN4TMTrA!sK_k9DpUIdhrXUAVDlwB41DzZbEbsWVQiyQiOmMpnAjsemGT7peV6eyNAdELD18blg$>



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
-->

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Re: Identifying 3 CyberSecurity Literacy Topics for Students, (continued)
- - - Re: Identifying 3 CyberSecurity Literacy Topics for Students Cathy Hubbs (Aug 17)
    - Re: Identifying 3 CyberSecurity Literacy Topics for Students Seidl, David (Aug 17)
- Re: [EXTERNAL] [SECURITY] Identifying 3 CyberSecurity Literacy Topics for Students Smith, Jason (Aug 17)
  - Re: [EXTERNAL] [SECURITY] Identifying 3 CyberSecurity Literacy Topics for Students Neal O'Farrell (Aug 17)
  - Re: [EXTERNAL] [SECURITY] Identifying 3 CyberSecurity Literacy Topics for Students Theresa Semmens (Aug 17)
- Re: Identifying 3 CyberSecurity Literacy Topics for Students Kristen Dietiker (Aug 17)
  - Re: Identifying 3 CyberSecurity Literacy Topics for Students Alfred Barker (Aug 17)
- Re: Identifying 3 CyberSecurity Literacy Topics for Students Eric Weakland (Aug 17)
- Re: Identifying 3 CyberSecurity Literacy Topics for Students Todd Watson (Aug 17)
  - Re: Identifying 3 CyberSecurity Literacy Topics for Students Jason Edelstein (Aug 17)
    - Re: Identifying 3 CyberSecurity Literacy Topics for Students Ken Munro (Aug 17)