Educause Security Discussion mailing list archives
Re: Cyber Security Awareness Month - Examples of Online events or Phishing
From: Stacy Lee <sbl () STANFORD EDU>
Date: Wed, 2 Sep 2020 03:09:48 +0000
At Stanford we will be running a week long Virtual Festival for CyberSecurity Awareness month. We will be hosting a variety of speakers, panels and workshops. Some of our workshops will be inline during the event such as our Red Team/Blue Team Exercise, Cardinal Key Workshops and Table Top IR Exercise to name a few. We will be running some out of band activities running off the CTFd platform for people to do on their own time and plan to have an online leaderboard to make for some friendly competition. @Kristen Dietiker: love the idea of the Scavenger Hunt and your thought process behind it and thanks for the links. Check out our event site at https://cyberfest.stanford.edu for what we have planned and stay tuned for updates. Cybersecurity and Privacy Festival 2020 | University IT<https://cyberfest.stanford.edu/> What’s in it for me? The festival will provide value for students, faculty, and staff alike, including: Deepen your knowledge about the importance of cybersecurity and privacy to ensure that Stanford community have the resources to be more secure online cyberfest.stanford.edu Stacy Lee ISO | Security Operations Stanford University ________________________________ From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Kristen Dietiker <000001c25973bc27-dmarc-request () LISTSERV EDUCAUSE EDU> Sent: Tuesday, September 1, 2020 6:29 PM To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Cyber Security Awareness Month - Examples of Online events or Phishing I've built an online scavenger hunt, modeled after one SANS did several weeks ago for their awareness summit: https://sites.google.com/view/ScavengerHuntStart<https://urldefense.com/v3/__https://sites.google.com/view/ScavengerHuntStart__;!!POPwgc47LqelFC4T6Q!cPjzFUwH5ZgDff7oUqEeDNuUjpS_BIKtNPUZhW2azTSlLHQGmsZBfktkSXC7E7A-e8owSg$> (Not sure how long their site will be available.) It uses Google forms and Google sites. Answers to clues on a Google form are used to create a key that becomes part of the URL of the next level (A Google site), which has another form with clues to unlock the third level. (Wrong answers won't generate the correct URL). The SANS version concluded with "finding the buried treasure" by generating coordinates for Google maps. I've ditched this part and just created an end page with a "Congrats, here's a reward" message. Those rewards will likely be cybersecurity & SCU themed wallpapers or Zoom backgrounds they can download right from the end page. I also hope to do drawings for small prizes. I thought most of the SANS questions weren't really suitable for our faculty and staff and didn't really serve to drive behavioral change. I really tried to focus on creating clues and answers that addressed the common problems we see–such as account security. My questions are split between asking about SCU security resources, and advice that is found on our website, and security resources around the web. Most questions focus on using long passwords, password managers, & multi-factor auth, with the purpose of driving change in these areas. A few questions drive people to external resources they can use to assess personal security risk. -- Kristen Dietiker Chief Information Security Officer Santa Clara University (408) 554-5554 On Mon, Aug 31, 2020 at 2:28 PM Royse, Rhonda - (rroyse) <rroyse () arizona edu<mailto:rroyse () arizona edu>> wrote: Good afternoon everyone! I are prepping for our online Cybersecurity Awareness month, and I recall a few universities who have administered online phishing quizzes, or games. Would appreciate any examples or campaigns that you could share! We are looking at phishing instances or even small videos that can help explain key concepts to our audiences. Thank you Rhonda [cid:1744c4d07714cff311] Rhonda Bartz-Royse DCIO/IT Security Program/IAM – Manager Information Security Office THE UNIVERSITY OF ARIZONA Computer Center PO Box 210073 | Tucson, AZ 85721 Office: 520-621-5927 | Cell: 480-209-6465 rroyse () arizona edu<mailto:rroyse () arizona edu> security.arizona.edu<https://urldefense.com/v3/__https://security.arizona.edu/__;!!MLMg-p0Z!XXgIy1D9gBAybI6cB1PvPX_huscU1sk7CJURPvLTlB1oEy7lZrlnluJWpPmsiGU-$> facebook<https://urldefense.com/v3/__https://www.facebook.com/UArizonaInfoTech/__;!!MLMg-p0Z!XXgIy1D9gBAybI6cB1PvPX_huscU1sk7CJURPvLTlB1oEy7lZrlnluJWpLRhDhPP$> | twitter<https://urldefense.com/v3/__https://twitter.com/UaInfotech__;!!MLMg-p0Z!XXgIy1D9gBAybI6cB1PvPX_huscU1sk7CJURPvLTlB1oEy7lZrlnluJWpF5HHz7R$> | instagram<https://urldefense.com/v3/__https://www.instagram.com/uainfotech/__;!!MLMg-p0Z!XXgIy1D9gBAybI6cB1PvPX_huscU1sk7CJURPvLTlB1oEy7lZrlnluJWpO0q57iv$> | linkedin<https://urldefense.com/v3/__https://www.linkedin.com/school/the-university-of-arizona__;!!MLMg-p0Z!XXgIy1D9gBAybI6cB1PvPX_huscU1sk7CJURPvLTlB1oEy7lZrlnluJWpGSdtrVW$> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.com/v3/__https://www.educause.edu/community__;!!MLMg-p0Z!XXgIy1D9gBAybI6cB1PvPX_huscU1sk7CJURPvLTlB1oEy7lZrlnluJWpLV00yGH$> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.com/v3/__https://www.educause.edu/community__;!!POPwgc47LqelFC4T6Q!cPjzFUwH5ZgDff7oUqEeDNuUjpS_BIKtNPUZhW2azTSlLHQGmsZBfktkSXC7E7Dandm__g$> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Cyber Security Awareness Month - Examples of Online events or Phishing Royse, Rhonda - (rroyse) (Aug 31)
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Dickey, A. (Antoinette) (Sep 01)
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Kristen Dietiker (Sep 01)
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Stacy Lee (Sep 01)
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Ullman, Catherine (Sep 02)
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Kristen Dietiker (Sep 02)
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Ullman, Catherine (Sep 02)
- <Possible follow-ups>
- Re: Cyber Security Awareness Month - Examples of Online events or Phishing Brian Kelly (Sep 01)