Auburn > OIT > Year In Review > 2020 > Supporting the Auburn Mission > Cybersecurity

Cybersecurity

Cybersecurity is an ever-changing field, and it is only increasing in importance. Every year, our cybersecurity team engages in a number of major projects, plus regular security maintenance and awareness efforts. This year we've grown our team, increased security across campus, found new ways to grow awareness, and dealt with the unique issue presented by supporting secure practices while working and studying remotely.

Major Projects

A presentation at the first Cybersecurity Liaisons Meeting

Students working in the new Security Operations Center

The cybersecurity team worked on several major projects throughout 2020. One of the most significant events was the implementation of a new campus wide VPN. This new system provides easier mobile VPN access as well as device health checks whenever logging in to help prevent compromised devices from accessing sensitive data.

Other major initiatives include procuring KnowBe4, which allows us to provide both role-specific and campus wide cybersecurity training, and starting the work on a new security documentation protocol which will ultimately allow the University to continue participating in federally funded research projects.

Awareness Efforts

The 2020 NCSAM poster for working and studying securely while remote

Our cybersecurity team does impressive work, but the rest of campus still has an important role to play in protecting themselves and the university. In order to achieve that, the cybersecurity team works throughout the year to raise awareness. Some of the efforts from 2020 were:

Jay James, a lead cybersecurity engineer, served as a panelist on "Cybersecurity Tips During a Pandemic" and "Cybersecurity Now & Later" panels.
Jay also published an article called "The Ever Expanding Scope of SOC Skills" on Cybrary.
The cybersecurity team created an entirely digital push for NCSAM with a theme focused on working and studying securely while remote.
The team began enrolling newly hired employees in role-specific cybersecurity training via KnowBe4.
Several articles went out to the campus community regarding potential scams revolving around COVID-19, economic payments, and remote work.

Cybersecurity COVID-19 Response

The COVID-19 pandemic and subsequent alternate operations brought a spotlight to various cybersecurity concerns that hadn't been primary focuses previously. The Cybersecurity team worked tirelessly to promote awareness and protect against various threats. Some of the outstanding efforts include:

The accelerated timeline for implementing a new, more secure VPN;
Working extra hours on the new VPN to make sure it was configured to handle the increased number of users trying to use it;
Capitalizing on the alternate operations to identify and mitigate specific cybersecurity risks regarding a mobile workforce which will likely become a more common practice;
Making the campus community aware of various scams that arose as a result of the pandemic, federal economic payments, and remote communications.

Cybersecurity Numbers At A Glance
12,578,404 threats blocked by firewalls
15,000 malicious files quarantined before reaching campus
2,264 alerts and event tickets handled by the Security Operations Center
1,575 new hires received training in Cybersecurity Awareness
464 individuals completed role-based training specific to certain secure datasets