Believing that cyber security is a shared responsibility, the University of Toronto (U of T) community celebrated another Cyber Security Awareness Month (CSAM) this October. CSAM is an internationally recognized annual campaign that aims to educate individuals and institutions about the ever-changing field of cyber security and encourage best security practices.
For CSAM’s 10th anniversary, ITS’s Information Security team, in partnership with Education, Awareness & Culture (EAC), developed a CSAM campaign focusing on how the community can work together to stay safe online and protect personal and institutional information. Celebrated virtually for the second year in a row, the campaign included two virtual Coffee with the Chief Information Security Officer (CISO) events, a Secure Together virtual panel, multiple educational blog posts and an engaging social media contest.
“CSAM helps us educate the U of T community about information security and what we all can do to protect ourselves and the University against security threats,” says Kalyani Khati, Associate Director, Information Security Strategic Initiatives. “One of the key objectives of this year’s campaign was to spread awareness about the security resources and capabilities that are available to the U of T community, including data classification schema, Information Security Standard, incident response plan and multi-factor authentication.”
Throughout the month, informative blog posts with topics ranging from the importance of enabling multi-factor authentication (MFA) to promoting the Information Security Incident Response Plan were published on the Security Matters website, in addition to our campaign and resources pages, garnering a total of 746 page views over the month.
CSAM-related content on the Security Matters website saw a 10 per cent increase in page views from last year’s campaign.
On the ITS Twitter account, CSAM content engagement (clicks, retweets, replies, follows and likes) increased by 106 per cent from the 2020 campaign. The CyberAware Twitter account also saw a 69 per cent increase in CSAM content engagement from last year.
Coffee with the CISO events
The Coffee with the CISO student session helped 11 U of T students learn more about the current outlook of cyber security at U of T and included meaningful insights from Isaac Straley, looking back on his career in the field. During the event, Isaac Straley, CISO, U of T said, “Fraud and phishing pose a significant threat to the University community. We are working with the community to address this risk by not only enhancing our security capabilities but also equipping community members with the knowledge they need to protect themselves.”
The second Coffee with the CISO event welcomed 18 attendees and allowed U of T faculty and staff to engage with Isaac Straley about what cyber security looks like today in comparison to the past ten years and discuss what it will look like in the future. Straley encouraged an open and informal two-way conversation which allowed for an engaging and informative session.
The post-event survey concluded that attendees found these sessions very relevant and engaging. Most notably, the Q&A segment, two-way conversation and information about the security program were appreciated.
Secure Together virtual panel
On Oct. 26, the Secure Together virtual panel welcomed 49 attendees from across the tri-campus community. The panel featured three experts in information security and workforce infrastructures, nation state threats and governmental policy. The hour-long event started with key presentations from the panelists: Abdullah Alagha, Cyber Security Instructor, U of T; Ron Deibert, Director, the Citizen Lab and Julia Le, Senior Manager, Cyber Security Education & Centre of Excellence, Ontario Government.
Speaking about the cyber security workforce, Abdullah Alagha attributed the shortage of jobs to three main reasons: technology is getting more complex, people are finding it difficult to keep up with the ongoing changes and education and it is becoming increasingly difficult to control environments with all the required processes.
In his presentation about the latest high-end threats in cyber espionage, Ron Deibert spoke about embracing a culture of digital hygiene. He expressed that every organization should think about security from the ground up rather than leaving it as an after-thought.
During Julia Le’s session about how cyber-crime impacts us on a human level, she said, “Cyber security is not only about the technology, but also the ‘human factor’. Organizations and people should focus on educating people, as small actions online can have meaningful impacts.”
The panel was followed by an engaging Q&A session, during which they suggested valuable information security tips such as keeping software up to date, using anti-virus software and utilizing tools like Citizen Lab’s Security Planner to keep ourselves secure online.
Though CSAM 2021 has ended, it is our shared responsibility to stay safe and secure online every day. We hope the information shared throughout October keeps you cyber smart at home and at work, year-round.