Kennesaw State held its tenth annual Cyber Security Awareness Day in early October as a way to encourage the community to protect their computers.
University Information Technology Services’ Office of Cybersecurity held the event in celebration of National Cyber Security Awareness Month.
National Cyber Security Awareness Month was started and is managed by the National Cyber Security Alliance, a non-profit in Washington, D.C., with the goal to “educate and empower our global digital society to use the internet safely and securely,” according to its LinkedIn page.
According to KSU’s website, thousands participate in NCSAM throughout the United States during the month of October, posting tips on how to stay secure on social networks, educating customers and employees and holding events.
The Office of Cybersecurity held the event on the Marietta campus on Oct. 3 in the Joe Mack Wilson Student Center. The event featured five different sessions and six speakers coming from different sectors such as corporate, education and law enforcement.
One of the prominent speakers at the event on the Marietta campus was Beth Messick, a digital forensic investigator manager for the GBI. According to KSU’s website, Messick is responsible for collecting, preserving and analyzing digitally stored evidence at GBI, and she has investigated crimes such as fraud, identity theft, child pornography, rape, homicide, check forgery and kidnapping.
The university also held the event on the Kennesaw campus on Oct. 4, featuring another set of speakers that included representatives from the U.S. Secret Service, representatives from the FBI, a KSU alumnus who now works as a penetration tester at an Atlanta software company, KSU professors and representatives from the Office of Cybersecurity.
Assistant Director of the Office of Cybersecurity Chris Dehner spoke about cybersecurity threats that students, faculty and staff could face on campus, including issues with social engineering where individuals may manipulate others into providing confidential or personal information.
“We are social creatures,” Dehner said. “As much as we may not say we care what other people think, we pretty much kind of do, and so we have these social contracts with each other where we have expectations of behavior and service and helpfulness. And so threat actors are like wolves in sheep clothing. They have malicious intent, but they’re going to present themselves as being a friendly and trustworthy person.”
Dehner explained that one of the most common social engineering issues KSU students, faculty and staff face are email phishing attempts. Dehner said that these emails are mainly localized and are usually sent to small groups of people, but phishing attempts are also occasionally campus-wide.
UITS posts all reported phishing attempts on the university’s Phish Market so that the KSU community can more easily identify emails that may be a threat to their security. According to the Phish Market website, there have been at least 15 reported phishing attempts at KSU in 2018.
In order to report an email that students, faculty or staff believe might be a phishing attempt, they can forward the email to abuse.kennesaw.edu. Tips on how to avoid compromising personal or confidential information online can also be found on the Phish Market site.
As Dehner closed out the final session of Cyber Security Awareness Day on Oct. 4, he thanked many people within UITS for their help with the event, including Chief Information Office Jeff Delaney.