Introducing Cybereason Endpoint Detection and Response (EDR)
This Summer, IS&T will be conducting a migration project of the EDR application used to protect laptops, desktops and servers. Our current solution, Carbon Black, will be replaced with a next generation Endpoint Protection Platform, Cybereason. West Chester University is making this change to provide improved defenses on user’s endpoints and utilize Cybereason as a comprehensive security solution. The change will be seamless for end-users and will provide new and improved security measures for the entire organization.
EDR applications are the primary layer of defense to protect an organization’s computing devices. These solutions provide protection by preventing known malicious applications from running, halting the downloading of potential viruses and malware, detecting suspicious behavior and user actions and alerting technical support analysts to take action. Cybereason has been evaluated against the industry leaders in the EDR space and come out on top in almost every independent study. When specifically compared to Carbon Black, Cybereason shows:
- Up to 93% increase in efficiency for response and investigations
- Unmatched performance in detection and prevention of ransomware when attempting to install on all available Operating Systems
- Significant improvement in detection and prevention of “Zero-Day” viruses and malware, where Carbon Black struggled to restrict such unknown malicious applications from running.
Overall, the migration to Cybereason should result in a significant improvement in the protection of West Chester University’s computing assets, while largely going undetected from the end-user perspective.
KnowBe4 Cybersecurity Awareness Training
Recently, PASSHE Executive Leadership Group (ELG) mandated that all universities provide and require annual IT Cybersecurity Awareness training for their faculty, staff and students. The employee training and management program is also required to comply with the US Department of Education GLBA requirements. We will also begin conducting simulation phishing exercises annually. All employees will receive an email from WCU Office of Information Security to complete an annual campaign, WCU’s Information Security Awareness Training.
Cyber-attacks are commonly initiated through email known as phishing which can often lead to other vulnerabilities to data resulting in ransomware or other types of malware to cripple university systems. IS&T appreciates the campus community’s participation in this campaign help everyone make the most of today’s technology…safely and securely.
Self-Paced cybersecurity awareness training materials for students are available on D2L in a site called Navigating Digital Learning.
It is important to remember to Be Cyber Smart and Think Before You Click. Bad actors are intensifying their efforts to trick unsuspecting users into scams that can steal your credentials, inject malware onto devices, or obtain credit card information by falsely selling products. Most recently, they have started using the COVID-19 Omicron variant, and false DUO alerts as a lure to trick you. Higher education institutions are often targeted especially when users are focused on exams and projects and less likely to spot a scam.
Things to consider to navigate the season safely and securely:
Think before you click. If an email looks suspicious or an offer looks too good to
be true, it probably is.
Learn how to Report suspicious emails
Don’t fall for fake delivery notifications or text messages.
Learn how to deny a fraudulent Duo Request
IS&T encourages everyone to take increased ownership of enhanced online activity and the important security practices that come along with it. The virtual safety of our community, and, ultimately, our nation, depends on our personal online safety practices. Cybersecurity is important to West Chester University and we are committed to helping our faculty, staff and students become more resilient.
Be Cyber Smart
Stay protected while connected.
Before you connect to any open/public wireless network (like at an airport, hotel, or cafe) be sure to confirm the name of the network and exact login procedures to ensure that the network is legitimate. If you use an unsecured public access point, practice good internet hygiene by avoiding sensitive activities (banking and shopping) that require passwords or credit cards. Using a personal hotspot or cellular data is often a safer alternative to free Wi-Fi. Only use sites that begin with https:// when online shopping or banking.West Chester University's RamNet WiFi is a secured network. It is secured by an enterprise network authentication protocol called 802.1X. Using this protocol, all network traffic, including usernames and passwords, are encrypted during transmission. During the connection process, usernames and passwords are checked to verify that the user is an active member of the WCU community. Once confirmed, appropriate network access is assigned based off network needs and requirements. Remember, free Wifi could cost you .
Fight the Phish
Play hard to get with strangers.
Cyber criminals use phishing tactics hoping to fool their victims. If you are unsure who an email is from (even if the details appear accurate) or if the email looks "phishy" do not respond and do not click on any links or attachments found in that email. When available use the "report Phish" or "Report" option to help your organization or email provider block other suspicious emails before the arrive in your inbox.
Deny a Duo login approval request if you did not initiate it.
Imagine you are getting coffee with friends and you receive a Duo Multifactor authentication request on your phone. You suspect that it is fraudulent because you are not trying to log into any systems or accounts. What should you do? You should deny the request. This article explains how to deny a fraudulent Duo login approval request: https://wcupaprod.service-now.com/kb_view.do?sysparm_article=KB0011185
Social Media Cybersecurity Tips
Never Click and Tell.
Limit what information you post on social media. Popular quizzes often ask users a series of shareable personal questions, ranging from the name of their pet, childhood best friend, first grade teacher or their birth city. Some people see them as a fun way to bond with friends, but many of these queries are similar if not identical to security questions used when setting up accounts at banks and other organizations. Keep Social Security numbers, account numbers, and passwords private as well as specific information about yourself such as your full name, address, birthday, etc.
Think Cybersecurity First
Cybersecurity is a year-round effort and staying safe online is increasingly important as our world continues to operate virtually for so much of work and play. We should all approach cybersecurity with care in owning, securing, and protecting all our online accounts, data and information. West Chester University offers these resources that you can utilize to keep yourself safe online:
- CISA’s Cyber Essentials – basic cyber best practices for business leaders: cisa.gov/cyber-essentials
- Learn about careers in cyber with the National Initiative for Cybersecurity Careers and Studies: niccs.cisa.gov
*National Cyber Security Alliance (NCSA) and the Cybersecurity and Infrastructure Agency (CISA) content is copyrighted and reproduced under the Creative Commons BY-NC-ND 3.0 or Creative Commons BY-NC-ND 4.0 license.
KnowBe4 User Awareness Training for Faculty & Staff
This is an offering for all faculty and staff. It involves taking a 15 minute online webinar that teaches you the basics of information security and privacy. KnowBe4 is a Security Awareness platform that was originally started by famed hacker, Kevin Mitnick. WCU Employees can get to KnowBe4 by going to https://training.knowbe4.com/ui/login and login with your WCU credentials.
Self-Paced Training for Students
Information Services & Technology teams worked with the Office of Digital Learning and Innovation ( ODLI ) to put together a short security awareness class for students on D2L in a site called Navigating Digital Learning. The focus of the training currently is around Phishing Emails.
Information Security Tools @WCU
WCU has various methods of offering Information Security and Privacy programs. Information Security can only be achieved with lots of layers (like an onion.) One of those layers is the concept we sometimes call the "Human Firewall." Many times this is the first layer that protects the confidentiality, integrity and availability of data and IT services. This means YOU. However, in order to make that achievable, WCU has provided a few services and educational opportunities to assist you.
DUO Multi-Factor Authentication
Mimecast Email Security Gateway
Mimecast is an email filtering service that sits between you and your WCU email account. Mimecast is designed to help protect your account from Unsolicited Email (Spam), Phishing Attempts and Malware.
Cybereason is an Endpoint Detection and Response (EDR) system that detects suspicious activity, uncovering attackers’ behavior patterns and empowering IS&T to detect and stop emerging attacks. As part of a multi-pronged approach to enhance endpoint security monitoring, all university owned laptops and desktops now require an application called Cybereason.
If you receive a suspicious email, you can visit The Phish Bowl to view a list of latest phishing attempts. If the email is posted, then the email has already been reported, and you can simply delete the email. How to Spot and report a Phish or Spam email.
Phishing Red Flags:
For your safety and security, please consider the following red flags if you receive a job via email that is not coming from Handshake, or from a professor, student, or staff member at the university that you know and trust.
- Is a personal assistant job, or a job where the employer is not named
- Comes from an email address that doesn’t match the company’s name
- Does not provide information, such as the title of the person sending the email, the employer’s address or phone number, etc.
- Offers to pay a large amount of money for not much work
- Offers you the job without interviewing you
- Asks you to pay an application fee or some other fee as a condition of starting employment
- Wants you to transfer money from one account to another, by wire service, courier or other means, or deposit a check that they send you
- Requests your bank account or credit card information
No legitimate employer will send payment in advance and ask you to send a portion of it back to them. These jobs are often posted as a personal assistant or administrative assistant and ask for assistance in depositing checks or doing mystery shopping. These checks are fraudulent and can end up costing you hundreds of dollars.