After recovering from a cyberattack experts said Morehead State University continues its efforts to protect its organizational and personal data. October is National Cybersecurity Awareness Month, a joint initiative through the Department of Homeland Security and the National Cybersecurity Alliance.
Patrick Gonzales is the Lead Director of Information Security and Compliance at Morehead State University. After working with university staff and students of all ages, he said despite common misconception, young people are just as prone to cyberattacks and security breaches as older generations.
“I don’t see a whole lot of difference right now. I see a lot of the younger generation making the same mistakes, and I think it’s because, you know, maybe they’re a little more distracted and less suspicious. And some of the older folks who understand that they’re not as technology savvy, tend to be a little bit more aware and suspicious and paranoid, if you will, of things that pop into their inbox or people trying to call them up and scam them,” said Gonzales.
Gonzales said the world of cybersecurity is often compared to a continuous game of cat-and-mouse.
“There’s this whole paradigm where if the bad guys, if there wasn’t a way to monetize cybercrime with ransomware attacks and folks paying ransom, then there wouldn’t be any need for us and vice versa,” said Gonzales. “So, the two kind of play off each other, like light and dark, good and evil. They kind of define each other, one wouldn’t exist without the other.”
Following the cyberattack MSU experienced in July, the institution has been at work to reinstate and update its systems. According to September’s campus update, all primary systems and most secondary systems are online. Gonzales said MSU is taking creative measures to enhance its safety.
“We’re in the process of, right now, working with an outside vendor to do security assessments to our own infrastructure and there’s people the penetration testing assessments are run by. Essentially, kids who have grown up hacking into things. And so, we’re going to let them come and test our vulnerability and give us a report, and whatever they find, we’ll fix. Hopefully, they don’t find much, and we’ll go from there,” said Gonzales.
Gonzales said he believes MSU would benefit from a cybersecurity degree program for students interested in the field, and he would eventually like to see the institution participate in cybersecurity competitions to enhance participants’ skills.
According to the federal Cybersecurity and Infrastructure Security Agency, individuals can stay safe online by recognizing and reporting phishing attempts, using strong passwords, enabling multi-factor authentication (MFA), and updating their software to close security code bugs.
Further updates on campus cybersecurity are available on the Morehead State University Facebook page. More information on Cybersecurity Awareness Month can be found at https://www.cisa.gov/ .