Securing Cyber for Ohio Initiative
Cybermindfulness is more than the awareness that cyber threats exist. It's an attitude of alertness to threats and an expectation that threats will evolve. It's a sense of stewardship for both personal and community information resources. It's taking responsibility to stay informed, share knowledge, report concerns, and actively take steps to reduce risk and increase defenses. It's a commitment to the ongoing development of knowledge, skills, and communication. Interested organizations may adapt this to develop their own Cybermindfulness programs.
The UD-CCDI has developed a library offering videos on a wide variety of cybersecurity topics:
- Short-form public service announcement-style messages on a wide range of cybersecurity awareness topics such as phishing, choosing good passwords, protecting personal information, backing up personal machines, etc. These videos are shorter and make cybersecurity topics approachable for non-technical audiences
- Long-form instructional videos on topics such as Social Engineering, the Artificial Intelligence and Blockchain. These run up to twenty minutes and are more in-depth and instructional in nature
Led by John Wolfe, and using AT&T’s AlienVault Open Source Security Information and Event Management (OSSIM) tool, the UD-CCDI has built a SOC simulator. A key feature is that we use the Open Source Carnegie-Mellon Ghosts traffic generator to target specific traffic at the SOC so that students may be assessed on how well they identify patterns of malicious traffic appearing on the simulated network environment.
The best way to help your personnel avoid being phished is to phish them yourself as a training tool. Several companies provide this service, but it may be prohibitive for smaller organizations. Developed by John Wolfe, and employing the GoPhish open source phishing framework, UD-CCDI has taken the tool provided by GoPhish and developed a set of instructions that small organizations may use to configure this framework for use on their network.