AVP & CTO Update, October 5, 2020

October is Cyber Security Awareness month (CSAM), and it is a great time to double down on your IT security approach. McMaster relies on you to be a member of our Cyber Security Squad . Everything you do to improve or enhance both your professional and your person cyber security posture is a good thing for Mac as well.

The first National Cyber Security Awareness Month (NCSAM) was started in 2004, by the American Cybersecurity and Infrastructure Security Agency, so this is a campaign that has some history. Now in 2020, there are Cybersecurity Awareness campaigns undertaken all around the world, each with its own theme, such as the ‘ThinkB4UClick’ campaign in the UK. In the US the theme this year is “Do Your Part. #BeCyberSmart.” And in Canada, it is “GetCyberSafe”. This global effort makes it easy to find amazing resources and material so you can learn how to protect your technology and devices.

The technologies we rely on to provide us with our social interactions, work access, financial access and so many other capabilities, are amazing. At the same time, they can be used to undermine our IT security posture without us even realizing it. Default settings and even the core purpose of the systems we access may open us up to risk. If you have seen The Social Dilemma on Netflix it may have raised your eyebrow and debates are unfolding. The more technology we use, the more our cyber security and privacy risks will increase. By design, McMaster’s on campus network and secure technology perimeter provided enhance security to all of us working there. This is much less the case when we are working in our home environments. While we are safter from COVID-19, we may also have higher IT security risk at home unless we pay special attention to remediation.

Since the start of the fall semester, we have seen a rapid increase in evidence of compromised accounts and targeted campaigns to get access to McMaster credentials. As soon as one person’s MacID and password are compromised, it opens many more people up to that possibility. Because we tend to trust other McMaster accounts, it can result in people letting down their guard when they get email from our domain. Please remain scrupulous and avoid trusting any attempts to get you to provide your MacID and password or to click on links in an email without deep scrutiny.

Despite that, ALL of us, myself included, can improve our IT security hygiene and practices to reduce the risk of having our credentials and privacy compromised. We are in the driver’s seat. That’s what makes Cyber Security Awareness month so great – think of it as Fall Clean Up for you and your technology. 

Check out just a few of these sources to get your Cyber Security Awareness muscles loosened up:

• Our own amazing IT Security team will be pushing a comprehensive set of communications and activities during Cyber security awareness month. They have already kicked off a contest with great prizes to entice you to start learning.
  
• Not long after we moved to a remote access environment, our IT Security team created a series of cyber security resources to help you maintain your IT security posture from home.
  
• Check out this IT World Canada article that outlines some simple tips and reminders that we can all take to remain more secure – including the excellent advice of giving out as little information about yourself as possibl
  
• Even the Department of National Defence has a campaign for Cyber Security Awareness month (their theme is Cyber Resilience).

If you believe you have received a phishing email or any kind of IT security breach attempt, contact our IT security team at is-spam@mcmaster.ca.

On that note, I wish you all an amazing week. And a very Happy Thanksgiving, too. We have a lovely 4-day weekend ahead of us with the generousity of our institutional leadership. Use it well!