Cyber Scotland Week draws together events across the country to showcase the innovation taking place in the sector, while raising awareness of good cyber resilience practice and promoting a career within the industry.

In a hurry? Jump to the schedule for the week!

Cyber security affects us all, whether or not we realise it. Cyber attacks can cause disruption to our daily routines and cyber-enabled crimes such as fraud and identity theft can result in significant financial losses. Cyber crime is crime – just like theft or assault – but the police and other authorities suspect that it is being massively under-reported, because many people don’t treat it as such, or because they may feel embarrassed about falling victim to an online scam.

Recent cyber attacks on Maastricht University and Dundee and Angus College have sent a clear message that Higher and Further Education institutions are being actively targeted by cyber criminals. This may be because they are traditionally open environments with more relaxed security controls, they are in possession of large amounts of personal data relating to their students and staff, they have valuable research data that could be held to ransom or sold, or more likely a combination of all these factors.

However, this doesn’t mean that falling victim to cyber crime is inevitable. By following our advice and adopting a few basic defensive behaviours, you can greatly reduce the likelihood of a successful attack:

1. Listen to your instincts – if an email, website or phone call doesn’t feel quite right, consider that it could be malicious and what could happen to you or the University if it is. If there’s the potential for harm or damage, think carefully before you act.
2. Take your time – Don’t feel pressured into doing something in a hurry, just because a message tells you to act quickly. Think about whether or not the request is reasonable or expected and, if necessary, seek confirmation using an alternative method such as phone call or face-to-face.
3. Share your concerns – Use a trusted authority such as Information Services for advice, guidance and support and always tell us if you think that something bad may have happened. You won’t get into trouble for reporting accidents or near-misses and doing so helps to protect other people.

What’s happening during the week?

Here at Edinburgh Napier University, we’ve put together 7 themed days of cyber security content for students and staff, presented on this website and promoted through our digital signage, intranet sites and social media accounts.

• The week lifts off on Monday 17^th with the launch of our new Cyber Security e-Learning module. We’ll also have a stall in the foyer at Craiglockhart between 10:00 and 13:00, so come along and talk to us!
• On Tuesday 18^th we’ll answer two very important questions: Why would anyone target me? and How do I report a cyber incident? Our stall will be in the foyer at Merchiston between 10:00 and 13:00, so you can ask us in person if you like.
• Most people have at least one mobile device, so on Wednesday 19^th we’ll teach you how to Secure Your Devices – how to protect the information on them, the importance of software and app updates and what to do if your device is lost or stolen. The foyer at Sighthill between 10:00 and 13:00 is the final outing for our stall and our staff will be on hand to help.
• We’ll show you how to Use Strong Passwords on Thursday 20^th and by doing so you’ll make it much harder for attackers to break in.
• Friday 21^st is fish day at the Craiglockhart Hydra Restaurant, but every day is potentially a day you need to Defend Against Phishing. While it may not be possible to avoid every single phishing message, our tips will help you to avoid many of them and will tell you what to do if you think you may have fallen victim to a phishing attack.
• One of the most effective ways to keep cyber criminals out of your accounts is to Enable Multi-Factor Authentication (MFA), so on Saturday 22^nd we’ll explain how.
• On Sunday 23^rd we’ll conclude Cyber Scotland Week 2020 with a look at how to Store Data Securely  – staff in particular have access to large amounts of information, including confidential data on students, finance and research. Knowing where that information is being kept, who has access to it and if it’s properly protected against damage or loss is essential to University business.

We’re hoping that everyone will find something useful in the content that we’ve prepared, but if there’s anything we haven’t covered that you’d like to know more about, please let us know.

Wishing you a cyber safe 2020!

Graeme Hamilton
Information Security Manager
Edinburgh Napier University