On Oct. 14, the University of New Mexico announced that it would require new annual cybersecurity training for all University employees.
The training, which is called “Securing the Human,” covers basic cybersecurity principles. Through the course, employees learn how to identify phishing attacks, the importance of password security, and which steps to take if there is suspicion of a threat.
The training is one of four mandatory training courses for UNM employees this year. The other courses teach basic and emergency safety procedures, as well as steps to take to prevent harassment, according to UNM Newsroom.
The course takes about 10 minutes and includes four short videos and a final quiz.
Sandra Moore, a cybersecurity expert and UNM clinical business faculty member, defines cybersecurity as safeguarding systems and data, and access to those systems.
Education is one of the most commonly targeted sectors for data breaches. In 2023, there were 238 data breaches throughout the education industry, according to a Verizon Data Breach Investigation Report.
More than 30% of those breaches involved the use of stolen credentials. The rest involved social manipulation and malware — malicious software that alters a device's function.
In a statement to the Daily Lobo, UNM Information Security and Privacy Officer Jeff Gassaway wrote that UNM is a more likely target of cybersecurity threats because the University collects “many kinds of regulated data” in its computing systems.
The course recommends being wary in the event of a large natural disaster or tragedy, because that often results in increased rates of cybersecurity threats — commonly in the form of phishing.
Phishing occurs when scammers send fake communications in an attempt to make someone reveal personal information, according to the Federal Trade Commission.
Making sure to only respond to emails sent from trusted sources is also important to protect oneself from phishing schemes, Moore said.
“Just take a minute, look at your emails, make sure it's coming from somebody you're familiar with,” Moore said. “Phishing is the No. 1 way hackers get in.”
Get content from The Daily Lobo delivered to your inbox
Systems can also get exposed to hackers through a brute-force attack, which is a method of accessing an obstructed device by attempting multiple password combinations, according to the National Institute of Standards and Technology.
Keeping passwords secure and unique helps prevent the possibility of a brute-force attack, Moore said.
UNM already has several cybersecurity protocols in place, according to Gassaway: patching systems against known vulnerabilities, and multifactor authentication.
“Make sure you give limited information out, because you don't know what somebody's going to do with it,” Moore said.
Jaden McKelvey-Francis is a freelance reporter for the Daily Lobo. He can be reached at news@dailylobo.com or on X @dailylobo
