Campaign Strategies for NCSAM and Beyond
At colleges and universities, we are in a unique position — more than reporting breaches and informing our community following them, we have the ability and duty to provide resources to aid in cultivating awareness of threats to reduce cybercrime, a growing threat across the nation. Higher ed institutions are increasingly targeted by cybercriminals to gain access not only to institutional information but also to student, faculty, and staff information.
"Issues related to cybersecurity continue to serve as the number one issue on the EDUCAUSE Top 10 Issues list for 2018. Many CIOs say it is the issue which keeps them up at night and serves as their biggest challenge," shared Vanessa Hammler Kenon, assistant vice provost of IT at the University of Texas at San Antonio (UTSA) and an EDUCAUSE 2018 Top 10 IT Issues committee member.
Each year brings increased incidences of phishing, malware, and viruses targeting institutions. To combat these threats and utilize the important role of IT in higher education, the UTSA Office of Information Security (OIS) and the Office of Information Technology (OIT) created cybersecurity awareness campaigns to use each semester, building on existing resources.
During the month of October, UTSA supported National Cyber Security Awareness Month (NCSAM), an annual campaign — sponsored by the U.S. Department of Homeland Security and the National Cyber Security Alliance — to increase awareness about cybersecurity worldwide. Throughout the month, the UTSA community was educated on potential threats and provided with tools and resources to stay safe online.
Creating a campaign requires dedication from across the IT department. Both OIS and the Customer Relations, Communications, and Training (CRCT) team within OIT promoted the cybersecurity awareness campaign "Don't Get Hooked" through different marketing channels during NCSAM.
The NCSAM promotions were performed weekly by the following CRCT staff:
- Communications specialist: Nicole Duff
- Communications specialist: Kelsey Evans
- Communications specialist: Danicia Steele
- Multimedia designer: Yuri Martinez-Ramos
- Project coordinator: Rosalind Ong
- Webmaster: Dalinda Milne
UTSA Community Outreach
The CRCT team hosted an informational table on campus throughout the month to help increase the awareness of cyberthreats and educate UTSA students, faculty, and staff on proper practices to avoid them. Participants were rewarded with a "Don't Get Hooked" T-shirt.
The CRCT team collaborated with student organizations including the UTSA Student Government Association (SGA) to promote an informative video on phishing and how to avoid getting hooked. The video, narrated by the current SGA student body president, has been promoted through multiple social channels, both on and off campus.
All "Don't Get Hooked" marketing products — including posters, e-mails, videos, and digital signage — were promoted throughout both the UTSA main and downtown campuses to ensure the entire community was engaged.
Training
In support of cybersecurity awareness, OIS offered training to UTSA faculty and staff, "E-mail Phishing Scams: How to Avoid Them," hosted by Brad Cooper, OIS's senior information security analyst, which highlighted the different types of phishing attacks, the proper steps to take if users receive a phishing e-mail, and what to do if you've been hooked by a phishing scam.
Social Media
The CRCT team posted informational security tips for all social media followers. The weekly tips included polls and quizzes to actively engage followers, as well as relevant hashtags like #CyberAware.
Beyond NCSAM
We use strategies from the EDUCAUSE Year-Round Campus Security Awareness Campaign to continue our outreach to students, faculty, and staff, which is woven into our ongoing information tables, social media, newsletter, interviews for the student newspaper and student groups, marketing campaigns, department special events, and conferences open to the campus community. NCSAM helps spotlight the importance of cybersecurity each year and further amplifies the year-round effort to expand the knowledge of our community and help them protect themselves from threats.
Working with faculty, staff, and students to cultivate cybersecurity awareness is a continuous process, as cyberthreats are constantly increasing in sophistication. In particular, educating our students about cyberthreats is essential. Building awareness for students starts when students first arrive on campus for orientation and continues through graduation. To empower and arm our community with the knowledge to protect themselves, we continually provide resources, which is essential to maintaining awareness and fostering a commitment to making sure cybersecurity is everyone's responsibility.
Office of Information Security Vision
"Since 2004, the nation has observed National Cyber Security Awareness Month in October," noted Kevin Kjosa, UTSA information security operations officer. "All of us have a role to play in protecting our systems and our data from cyberattacks. Cybersecurity is a shared responsibility to protect ourselves, our university, and our nation."
OIS is committed to protecting data, systems, and information, as well as educating the UTSA community about various beneficial methods of cyberprotection that are generally quick and easy. Cyberthreats have varying agendas, all of which include gaining access to an institution's data and network resources, as well as the personal information it safeguards. The threats come from single actors, criminal organizations, and nation states. However, by building the UTSA community's cybersecurity awareness, we can help prevent future cyberattacks.
Learn more about UTSA's security guidelines for students [https://www.utsa.edu/oit/StudentServices/InformationSecurity/GuidelinesForStudents.html] and faculty and staff security services. Follow UTSA's Office of IT on Facebook, Twitter [https://twitter.com/UTSAoit], Instagram, or LinkedIn for security tips.
Danicia Steele is a Communications Specialist at the University of Texas at San Antonio.
Rosalind Ong is a Project Coordinator at the University of Texas at San Antonio.
© 2017 Danicia Steele and Rosalind Ong. The text of this work is licensed under a Creative Commons BY-NC-ND 4.0 International License.