A warm welcome to this, our final daily post for Cyber Scotland Week 2020. We finish the series with a look at how to store data securely and protect it from accidental or malicious loss.
Thank you for visiting our blog throughout Cyber Scotland Week 2020 – we hope you found it useful. If you have any feedback you’d like to share about the blog, or indeed have any questions at all about cyber security, please get in touch.
It’s the weekend! Pity about the weather though…
Following on from Thursday’s post about the importance of using strong passwords and yesterday’s about how even strong passwords can be compromised through phishing, today we’re going to show how enabling Multi Factor Authentication can put a stop to a significant proportion of account takeovers, even in cases where your password is revealed.
Information Services will soon be introducing MFA on staff Office 365 accounts. You can find out more about that on the MFA Project site, but in the meantime you should consider setting it up on your other accounts where available.
Yesterday we looked at the importance of using strong passwords, but even the strongest password is of little benefit if a cyber criminal can trick you into handing it over to them willingly. This is what phishing emails are designed to do, so in today’s post we’ll explain some of the manipulative techniques they employ and what you can do to defend against them.
If you’d like to have a go at spotting potential phishing messages without putting yourself at risk, try this quiz from Google.
Despite strong passwords being fallible to a successful phish, there are ways to make it more difficult for a cyber criminal to access your account – even if you unwittingly hand over your password. Multi Factor Authentication (MFA) is one such method and we’ll be exploring what it is and how it works when we return tomorrow.
Passwords are often the only thing standing between a determined cyber criminal and full access to your email, social media accounts and online banking – which is why it’s so important that they’re strong and resistant to attack.
Focus on protecting these key accounts by giving them each a unique password that isn’t based on any information linked to you, and which hasn’t already been cracked or guessed elsewhere. Strong passwords can be difficult for people to remember, so try using three random words or think about using a Password Manager to remember your passwords for you.
Email-based attacks are the topic of Friday’s post, where we’ll explain how to defend against phishing. Hope to see you back here tomorrow!
Gone are the days when family members fought over whose turn it was to use “the computer” – many people today now have access to their own phone, tablet or laptop and frequently use all of these devices – either for personal use or work. With so much of our lives, friendships, memories and business activities dependant on these portable computers, it’s important that we all know how to properly protect them.
By taking some simple steps like setting a passcode and installing software updates, you can make it more difficult for cyber criminals to gain access to your important data, apps and accounts – even if the worst happens and your device is lost or stolen.
We touch upon authentication when discussing setting a passcode on your devices, but for all the details on using strong passwords, you’ll want to read Thursday’s post.
It’s two topics for the price of one today! First we’ll explore the types of people behind cyber attacks, what they hope to gain by targeting you and why you make such a good target in the first place.
The second part of our post will go on to explain how to and why it’s important to report all cyber incidents, no matter how trivial you think they may be.
We look forward to welcoming you back tomorrow, when we’ll be exploring how to secure your devices.
Why would anyone target me? / How do I report a cyber incident?
We begin Cyber Scotland Week 2020 with the launch of a new cyber security e-Learning module for all staff, which replaces the existing module in Moodle. The link remains the same however, so you can still access it here. All Edinburgh Napier University staff need to complete the new e-Learning module – including those who have previously completed the old UCISA module.
Based on your feedback, we’ve made the content more current and easier to navigate, reduced the length to under 30 minutes and it’s now viewable on mobile devices such as tablets and phones.
The module introduces why cyber security is important, how attacks happen and then covers four key areas:
Since the new module is shorter and applicable to all organisations, it no longer includes university-specific sections such as handling research data. For further information on this and other relevant topics, please see the Information Security pages on the Staff Intranet. If you’d like to discuss bespoke cyber security awareness and training options for your team, please contact the IS Service Desk.
Join us again tomorrow for a double-bill of topics: Why would anyone target me? and How do I report a cyber incident?
Cyber Scotland Week draws together events across the country to showcase the innovation taking place in the sector, while raising awareness of good cyber resilience practice and promoting a career within the industry.
In a hurry? Jump to the schedule for the week!
Cyber security affects us all, whether or not we realise it. Cyber attacks can cause disruption to our daily routines and cyber-enabled crimes such as fraud and identity theft can result in significant financial losses. Cyber crime is crime – just like theft or assault – but the police and other authorities suspect that it is being massively under-reported, because many people don’t treat it as such, or because they may feel embarrassed about falling victim to an online scam.
Recent cyber attacks on Maastricht University and Dundee and Angus College have sent a clear message that Higher and Further Education institutions are being actively targeted by cyber criminals. This may be because they are traditionally open environments with more relaxed security controls, they are in possession of large amounts of personal data relating to their students and staff, they have valuable research data that could be held to ransom or sold, or more likely a combination of all these factors.
However, this doesn’t mean that falling victim to cyber crime is inevitable. By following our advice and adopting a few basic defensive behaviours, you can greatly reduce the likelihood of a successful attack:
Here at Edinburgh Napier University, we’ve put together 7 themed days of cyber security content for students and staff, presented on this website and promoted through our digital signage, intranet sites and social media accounts.
We’re hoping that everyone will find something useful in the content that we’ve prepared, but if there’s anything we haven’t covered that you’d like to know more about, please let us know.
Wishing you a cyber safe 2020!
Graeme Hamilton
Information Security Manager
Edinburgh Napier University
Cyber Scotland Week 2020 is nearly here!
A weeklong festival of events on cyber awareness, cyber careers and innovation in cyber security.
More information for Edinburgh Napier University students and staff coming soon!