Information Security Awareness Activities
Information security alerts have increased rapidly in recent times. William & Mary’s Information Security team is diligently monitoring these alerts and responding accordingly. Phishing continues to be one of the biggest information security risks we face at the university. It’s the primary cause of ransomware, compromised accounts and malicious software, and we fight a constant battle against it. Experience shows that the majority of data security incidents are a result of individuals not recognizing bogus email messages and responding to them as a result.
Therefore, a key objective of our defense strategy is promoting a knowledgeable user base. To that end, W&M IT focused on enhancing its information security awareness program this year to include:
- Annual information security training.
- Simulated phishing campaigns.
- Informational websites explaining how to identify and respond to phishing emails.
Simulated phishing exercises are designed to educate W&M network users about sophisticated attacks. They provide an additional opportunity to inform users about W&M resources to identify and report suspicious content in emails (e.g., attachments and/or URLs). These efforts require a small amount of time each year, and our community's awareness not only protects the university, but it also protects us in our personal digital lives.