Skip to main content

Cornell University

IT@Cornell

Latest News

Person signing in securely on a Computer

A Message from Robert Edamala, Chief Information Security Officer

Greetings,

It’s that time of year! October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to share helpful resources everyone needs to stay safe and secure online.

In today’s digital world, cybersecurity isn’t just an IT concern, it’s everyone’s responsibility.

You’ll see tips, activities, and resources shared each week, and we encourage you to participate, ask questions, and take advantage of everything being offered.

The theme this year is Stay Safe Online. Throughout the month, Cornell’s IT Security Office will share simple but powerful actions that everyone can take to strengthen our cybersecurity:

  • Use strong passwords and a password manager
  • Turn on multifactor authentication for your personal accounts
  • Update your software
  • Recognize and report scams

Cyberattacks and hackers are targeting Cornell.

Criminals continue to target Higher Education Institutions through sophisticated phishing schemes and scams and Cornell is not an exception. Faculty, staff and students have been subject to increasing social engineering and scams. Be ever vigilant and report email scammers posing as a professor offering fake jobs, or a supervisor asking you to send money.

Attackers see Cornell as a high-value target. We can all expect to experience more, and more sophisticated, attempts in the future.

But we’re not defenseless.

Fortunately, most attacks are easy to recognize. As a shared responsibility, here are a few ways we can protect ourselves and each other from cyberattacks:

  • Watch out for, and do not approve, Duo two-step prompts you didn’t initiate. This likely means your NetID password has been stolen, so change it immediately and contact the IT Security Office. This year, we are making changes to Duo to reduce the likelihood of attackers manipulating you into approving access, but we’re relying on you to be vigilant.
  • Never share your NetID password or reuse your password on non-Cornell websites and watch out for phishing emails that attempt to steal your password. See the Phish Bowl for examples.
  • Keep your computers up-to-date and install antivirus software. Cornell employees should always use a Cornell-managed Certified Desktop computer that includes essential protections.
  • Cornell faculty and staff can use Secure Connect to add an extra layer of security to their Cornell-managed and personal devices. There are many benefits to using passkeys, including keeping your accounts protected even if you've had your password stolen, or you've fallen for a phishing scam.

Please join me this month in staying safe online. The more informed and empowered you and I are, the safer our community is.

Thank you.

Robert Edamala

Chief Information Security Officer

Tags

cybersecurity
national cybersecurity awareness month

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.