W&M IT’s team of experts work around the clock to keep our community safe online
Throughout the month of October, William & Mary Information Technology celebrated National Cybersecurity Month by sharing important tips with the community and encouraging faculty and staff to take their annual security awareness training. While cybersecurity is everyone’s responsibility, W&M IT’s security team goes above and beyond to keep all university accounts as safe as possible.
In September 2023, the security team discovered a slew of sophisticated phishing attempts impacting our community, and immediately sprang into action. The team’s work often goes undetected by account holders because they often catch issues before they ever become real problems or full-blown, successful attacks. In this case, Pete Kellogg, Chief Information Security Officer, alerted the community about the phishing attempts because not only were they sophisticated, but some of our community members had already fallen victim to them.
Because of the team’s quick work over Labor Day weekend, they were able to untangle the mess the attackers had caused and do it before anything truly serious happened. So how does one of the most “under the radar” teams at the university protect us all from cyber-attacks? Let’s take a behind the scenes look.
To monitor the 56,312 accounts at the university, the security team has various tools in their toolkit, including one called Microsoft Defender XDR. This toolset allows the team to protect the email and collaboration suite from malware and phishing, identify suspicious activity, identify risky users, potential credential compromise and provides endpoint AV, and more.
In addition to email and identity, Defender for Cloud Apps provides information protection, threat protection and extended detection and response (XDR) capability and is a cloud access security broker that provides discovery and visibility into SaaS and data in the cloud.
Microsoft Purview is another tool in the toolkit, which is a newly evolved platform that provides compliance tools including data loss protection.
New safety tip for inboxes
Most recently, the security team turned on the first contact safety tip in Microsoft Outlook to guard against phishing, which is the number one threat to cybersecurity at the university. This setting flags if you are getting a message from an address for the first time or if you haven’t gotten a message from it in a long time, which helps to guard against potential impersonation attacks.
The safety alert is meant to draw your attention to the email address so you can review it and confirm whether or not it is legitimate.
If the email address is not familiar to you, forward it to email@example.com for the security team to review. You’re also able to add contacts to a safe senders list if you would like to avoid having the safety tip appear for them.
These are only a few of the ways the W&M Information Security team works to keep us all safe online. Learn more about the team and access online security tips on the Information Security website.