The Division of Information Security strives to improve the overall security posture of the agencies, boards and commissions it serves but to also share information security best practices, links, and assorted other information regarding information security.
What is Cyber Security?
Cybersecurity is a frequently heard buzzword. It is defined in a variety of ways but the National Institute of Standards and Technology (NIST) defines Cybersecurity as:
"The body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access."
Information Security vs. Cybersecurity
Remember, information security is concerned with all information no matter the format, storage or mode of transmission (electronic, paper or oral). The term "Cybersecurity" has a digital or computer implication.
What is Phishing?
The term "Phishing" is not referring to an activity that involves a pole and a lake! Phishing (pronounced fishing) is a type of deception or fraud that uses e-mail messages, websites or phone calls to dishonestly exploit sensitive information from you OR install malicious software on your computer. Any time of year is "Phishing" season. Explore:
- The "Phishing Emails and You" newsletter
- Flyers on Phishing and Smishing
- The Ask a Hacker series of videos
Avoid being Phished!
Phish Bytes – The fresh catch
Highlighted below are examples of texts, phone calls, and emails our employees have seen at work or in their personal lives. Click the Phish Bytes section to the right to see previous “catches”.
Catch of the week
Why is the above fake?
• If you work in an office setting, you would not receive an email from Microsoft regarding your account. Any email would be from your internal IT team.
• Look carefully at the sentence that says “upgrade now to avoid email issues.” Upgrade is not capitalized but yet it uses a period. Grammatically incorrect.
• For a home user, always go to the trusted website of your service provider and login with your credentials. No need to click on a link in the email when you know the correct website for your accounts.