Cybersecurity @ UBC
What is Cybersecurity?
Why do I need protection?
What sort of things should I be conscious of?
What sort of things should I do to keep safe?
Are there other resources I can use to keep safe?
RSS Feeds, Newsletters and Other Resources
Cybersecurity is a concept most people don't think about very often. When it does come to mind, there's often so much information it's hard to know where to begin when trying to protect your data. It doesn't have to be this way! There are many resources available right here at UBC for you to help build your awareness on how to protect yourself and your information. Did you know, for example, that UBC has a Personal Information Security & Governance Program? Or that we have numerous resources for faculty, staff and students to keep their computers, phones, tablets and other devices safe from threats? You can find out about these things and more all by reading through some of the information posted on this site. Make sure you keep coming back from time to time, too, as we'll keep updating these pages with handy information for everyone at UBC!
If you heard the term Cybersecurity and felt like you didn't know what it meant, don't worry - you're not alone! Cybersecurity covers so many topics and so many possible areas of interest that it's almost impossible to cover them all. Basically, it covers the steps taken to keep your data safe, and to protect you from threats in the digital world, as well as actions you can take to handle incidents when you fall victim to a cyber threat. It can cover things as basic as putting a password on your phone, right through to how to report identity theft. We can't cover all of these things on this site, but we can point you at some valuable resources to get you started!
Last year, in the UK, there were over 700,000 incidents involving mobile phone thefti. Every day, more than 200,000 new malicious programs are discovered every dayii. In 2009, over 240,000 people in British Columbia reported being victims of internet bank fraudiii. With cyber crime and malware threats on the rise, it's becoming more and more important to make sure we remain educated on how to keep our information protected and keep our data safe. Following strong information security practices, and keeping abreast of new tactics for keeping yourself and your data safe will help reduce these threats.
It seems like every day there are new threats out in the wild. Some of the most common ones include:
- Phishing - email or websites that spoof legitimate sites, tricking you into providing personal information
- Social Engineering - confidence tricks designed to manipulate someone by giving just enough information for you to give them what they need in order to commit fraud or gain system access
- Mobile device/laptop/USB drive theft
- Viruses and spyware - malware that could cause your computer to become accessible to unauthorized users, or could even corrupt or delete data without your knowledge
- SPAM - unrequested/unauthorized email or messages that can be used as a method of verifying a person's existence, leading to more malicious phishing or hacking attempts
- Password compromises and other hacking attempts
- Shoulder-skimming - looking over your shoulder in order to glean information on your screen, such as your password or other sensitive information
- Email security - attempts to get access to your email account either by phishing attempts, or by installing add-ons to your email client, or giving access to your email to apps on your mobile device, and so on.
But there's more than that! It's almost impossible to keep track of everything. However, following strong Cybersecurity practices will keep you safe from most threats, even ones you've never heard of!
Some of the most basic things people can do to keep safe are things people rarely do. Here's a list of a few things that will help keep you safe:
- Don't open suspicious emails or follow links in suspicious messages. Always ask first if you're not sure if a message is valid;
- Don't download software without ensuring it is free of viruses or spyware. Make sure you have strong virus and malware protection installed on your machine;
- Follow UBC policies and standards
- Use strong passwords (minimum 10 characters with upper case, lower case, numbers and symbols) or a passphrase of at least 16 characters; See an example of password vs passphrase strength
- IT staff will never ask for your password; emails that ask for this should be reported to your IT support staff - please see the Phishing page for more details;
- Use encryption to protect files and drives, or use encrypted devices to secure your data.Please refer to Information Security Standard U5 – Encryption Requirements
- Use common sense. No one legitimate will ask for sensitive information via email or unsecure websites
- Make sure websites are secure before putting in sensitive data. Look for the s in "https://" before a web address, and an icon that looks like a padlock (for example: ) on your browser's address bar or status bar and click on the padlock icon to find out more information on how the site is secure;
- Don't leave passwords on sticky notes or in notebooks lying on your desk. Always maintain a desk clean of sensitive information, and ensure you don't leave personal information out in the open;
- Follow the items on UBC IT's Top 10 Computer Security Tips
Even though this list is hardly exhaustive, following these simple tips will start you on the road to keeping your data secure and keeping yourself safe from cyber threats.
There are plenty of resources available to keep yourself informed and keep yourself secure. If you're interested in finding out more about Cybersecurity, have a look at these sites:Online Resources
- Stay Safe Online - https://www.staysafeonline.org/
- Get Cyber Safe - https://www.getcybersafe.gc.ca/index-eng.aspx
- Stop|Think|Connect - https://www.stopthinkconnect.org/
- The SANS Institute - https://www.sans.org/security-resources/
- The SANS Security Awareness Tip of the Day - https://www.sans.org/tip_of_the_day.php
- UBC Personal Information Security Governance - https://riskmanagement.ubc.ca/personalinfosecuritygovernance
- UBC Information Security Office - https://it.ubc.ca/services/security/ubc-information-security-office
- RCMP Internet Safety Resources - https://www.rcmp-grc.gc.ca/is-si/index-eng.htm
- Microsoft's Safety & Security Center - https://www.microsoft.com/security/resources/cybersecurity.aspx
- Google's "Good to Know" - https://www.google.ca/goodtoknow/online-safety/
- Sophos's Facebook Security Best Practices - https://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx
- Twitter's Safe Tweeting - https://support.twitter.com/articles/76036-keeping-your-account-secure#
- Fight Cyber Stalking - https://www.fightcyberstalking.org/