Web Accessibility Support
Community

A Year After Historic Cyberattack, Howard Tech Security Efforts Punctuate Cybersecurity Awareness Week

Howard Hosts Social Media Technology Conference “Social Media: Empowering Diversity and Ensuring Security” and Google Workshop, Thurs. Oct. 3

This week, Howard is launching its National Cybersecurity Awareness Month campaign for the University community. The campaign will give all end users at Howard useful information on how to spot potential attacks through phishing, tailgating, and other network intrusion tactics, in the hopes of building stronger digital citizenship at the institution.

This comes a little more than 13 months since Howard University experienced a historic attack on its technological infrastructure. Howard University’s Enterprise Technology Services division continues its strategy to bolster resilience and recovery in its daily operations.   

“We have come a long way since last September,” says Olga Osaghae, associate vice president and chief information officer for Howard. “Our relationships with network support vendors, new hiring within our division, and efforts to build a knowledge base and compliance among students and employees are starting to deliver positive results.”  

Osaghae says that the decommissioning of Howard's legacy network and eliminating wire maintenance costs have improved issues like inconsistent Wi-Fi connectivity and customer unhappiness with network stability. Following a ‘net new’ campaign to replace all university-issued laptops, and desktop computers last fall after the cyberattack, revised service hours in the university iLab have reduced helpdesk requests and improved access for applications like Workday.  Decommissioning the legacy network, Osaghae says, has provided more visibility for improper connections and activity on the new network, which reduces hacking attempts. 

The University continues regular messaging on phishing awareness, and all employees are currently undergoing mandatory network security awareness training which will conclude by Oct. 31. This week, the University announced increased protections for multi-factor authentication from mobile devices, making it easier for users to detect unauthorized access to their accounts, and harder for them to accidentally authorize access for bad actors.  

ETS officials say the office is focused on continuous improvement through replacing devices campus-wide as they reach ‘end of life’ status, and continual testing for user network compliance. A recent phishing test administered by ETS revealed that more than 13% of campus users clicked on a link that, if deployed by a network intruder, could have severely compromised campus network performance. 

“That’s something we have to improve; our click rate on phishing links,” Osaghae says.  

Even with challenges, ETS and University leaders are optimistic about the resilience of the campus to build and maintain strong network protection practices from the level of enterprise management and maintenance down to the individual user.  

“I am very pleased with the progress the campus is making with improving our network performance and access, and with the transparency of ETS in empowering users to resolve issues and improve network proficiency,” says Tashni-Ann Dubroy, executive vice president and chief operations officer. “I am confident that Howard will achieve the goal of becoming a model in higher education for innovation in tech infrastructure.” 

Click HERE for mandatory KnowBe4 security awareness training.

CYBERSECURITY WEEK BEST PRACTICES (Courtesy: Cybersecurity and Infrastructure Security Agency) 

  • Think before you click: Recognize and Report Phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.  
  • Update your software: Don't delay – If you see a software update notification, act promptly. Better yet, turn on automatic updates. 
  • Use strong passwords: Use passwords that are long, unique, and randomly generated. Use password managers to generate and remember different, complex passwords for each of your accounts. A password manager will encrypt passwords securing them for you! 
  • Enable multi-factor authentication (MFA): You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.