Cybersecurity Awareness Month — Secure Our World

Cybersecurity Awareness Month 2025 is this October and the department of OCIS encourage all users to own their role in protecting themselves and their connected devices. This year's theme is "Stay Safe Online" — providing reminders that protecting your data doesn't have to be complicated.

The website consists of general information, tips, and best practices on protecting yourself online, your digital home devices. Our goal is to help you make the most of today's technology safely and securely.

Introduction

This week focuses on the fourth cybersecurity behavior: Recognize and Report Scams. Phishing and online scams remain some of the most common ways criminals try to steal personal data or gain access to accounts. Learning how to spot suspicious messages and knowing how to report them are key steps in protecting yourself and the CUNY community.

Helpful Cybersecurity Tips

Be cautious with emails, texts, and messages asking for sensitive information.
Check sender details, hover over links before clicking, and watch for spelling or grammar errors.
Don't download unexpected attachments or click suspicious links.
Report phishing attempts:
- At CUNY, use the "Report Phishing" button in Outlook or forward suspicious emails to your IT office.
Stay informed with the latest CUNY cybersecurity alerts on scams targeting students, faculty, and staff.

Additional Resources and Tips:

Facts and Figures:

Insights from the 2024—2025 "Oh, Behave!" Report (National Cybersecurity Alliance & CybSafe) are as follows

52% of people reported phishing attempts — up 2% from last year.
69% feel confident they can recognize phishing attempts, but many still fall victim.
51% of Americans actively report cybercrimes, particularly phishing.
Younger users (Gen Z, Millennials) report more frequent scam attempts due to their higher online activity.

Our emails and supporting information are available from the National Cyber Security Awareness Month (NCSAM) page on the CUNY website. We also provide a growing security resources list on the CUNY Information Security pages. You may also want to visit the OUCH! website to read recent security articles or subscribe to the world's leading, free security awareness newsletter designed for technology users.

If you have any questions about any of this information, please contact your college's Information Security Manager.

Introduction

This week focuses on the third cybersecurity behavior: Update Your Software. Updates often include critical security patches that protect against newly discovered vulnerabilities. Failing to update can leave your devices, apps, and accounts exposed to cyberattacks.

At CUNY, keeping your software updated is an essential step in safeguarding access to University systems and protecting both personal and institutional data.

Helpful Cybersecurity Tips:

Turn on automatic updates on your operating system and apps.
Update not just your computer - don't forget mobile devices, browsers, and plug-ins.
Install updates promptly instead of postponing them.
Remove or replace unsupported software that no longer receives updates.
Restart devices regularly so that updates can finish installing.

Additional Resources and Tips:

Facts and Figures:

Insights from the 2024—2025 "Oh, Behave!" Report (National Cybersecurity Alliance & CybSafe) are as follows:

37% of people install software updates as soon as they are available.
21% admit they often delay updates for days or weeks.
46% of people worry updates will take too long or interrupt their work.
Devices and applications that are out of date account for more than half of successful cyberattacks reported in the past year.
Turning on automatic updates is considered one of the easiest, most effective defenses, yet fewer than 40% of users enable it.

If you have any questions about any of this information, please contact your college's Information Security Manager.

Introduction

This Week focused on the second cybersecurity behavior: "Turn on Multi-Factor Authentication (MFA)." A password alone isn't enough to fully secure your online accounts. Activating MFA greatly reduces your chances of being hacked. Be sure to enable MFA on all accounts that support it, particularly for email, social media, and financial platforms.

At CUNY, Multi-Factor Authentication (MFA) already provides an essential layer of security when accessing your Microsoft Office 365 account and remotely connecting to CUNY network resources. MFA is currently being rolled out across all enterprise applications in collaboration with college IT departments to strengthen protection and ensure consistent access control. Your participation in this initiative is fundamental to improving CUNY's overall security posture.

By adopting MFA and staying engaged with its implementation, you help safeguard institutional data and support a safer digital environment for everyone. The University's Acceptable Use of Digital Assets and Resources policy requires that "Users [be] responsible for engaging in safe computing practices that include ... using enhanced authentication features such as multi-factor authentication where available."

Helpful Cybersecurity Tips

CUNY requires that all students, faculty and employees follow these Cybersecurity Best Practices
Protect yourself against secret shopper, personal assistant and other online scams
Follow CUNY's Best Practices for Secure Learning, Teaching and Working Remotely
When using Zoom, follow CUNY's Zoom Security Protocols
Take advantage of CUNY's online cybersecurity awareness course available through Brightspace:
- Students: ~25 minutes
- Faculty and staff: ~40 minutes

Additional Resources and Tips:

The National Cybersecurity Alliance 2023 Oh, Behave! report lists the following cybersecurity survey responses:

Facts and Figures:

Insights from the 2024-2025 "Oh, Behave!"" Report (National Cybersecurity Alliance & CybSafe) are as follows:

45% of people began using MFA after cybersecurity training - up 11% from last year.
79% of respondents are familiar with MFA, and 70% of those who have heard of it know how to use it.
Younger generations (Gen Z and Millennials) are the most likely to use MFA, while adoption among Baby Boomers and older generations is still lagging.
MFA is one of the simplest and most effective ways to block unauthorized access.

If you have any questions about any of this information, please contact your college's Information Security Manager.

Introduction

This week highlights the first cybersecurity behavior: Use Strong Passwords. Strong passwords are the foundation of online safety. They should be long, unique to each account, and difficult to guess.

Helpful Password Tips:

Make passwords long: at least 13 characters (longer is better).
Use random strings or passphrases: combine unrelated words or mix letters, numbers, and symbols.
Create unique passwords for every account —never reuse the same one.
One approach is to use the initial letters of a phrase to generate a memorable, yet strong password. For example, the phrase “The future belongs to those who believe in the beauty of their dreams.” yields “tfbttwbitbotd” and then upper/lower case, numbers and special characters can be substituted or added to it to make it sufficiently complex.

Passwords Resources and Tips:

Here are some helpful resources to strengthen your online safety practices:

Facts and Figures:

Insights from the 2024 — 2025 “Oh, Behave!” Report (National Cybersecurity Alliance & CybSafe) are as follows:

Only 39% of people use unique passwords for all their accounts.
34% of people began using a password manager after cybersecurity training.
46% say trying to stay secure online is frustrating, highlighting the need for easier tools like password managers.

Our emails and supporting information are available from the National Cyber Security Awareness Month (NCSAM) page on the CUNY web site. We also provide a growing security resources list on the CUNY Information Security pages. You may also want to visit the OUCH! website to read recent security articles or subscribe to the world’s leading, free security awareness newsletter designed for technology users.

If you have any questions about any of this information, please contact your college's Information Security Manager.

Introduction

October is Cybersecurity Awareness Month, an international initiative that helps everyone take simple steps to stay safe online. This year’s theme is “Stay Safe Online” — providing reminders that protecting your data doesn’t have to be complicated.

CUNY is proud to support this effort in partnership with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA).

Resources and Tips:

Here are some helpful resources to strengthen your online safety practices:

Facts and Figures:

Insights from the 2024 — 2025 “Oh, Behave!” Report (National Cybersecurity Alliance & CybSafe) are as follows:

46% say trying to stay secure online is frustrating, 44% say it’s intimidating, and 40% find it confusing.
53% of people are “always online,” especially Gen Z (65%) & Millennials (64%).
Around 50% believe financial losses from cybercrime can be avoided — though this confidence has dropped 5% since 2023.

Our emails and supporting information are available from the National Cyber Security Awareness Month (NCSAM) page on the CUNY web site. We also provide a growing security resources list on the CUNY Information Security pages. You may also want to visit the OUCH! website to read recent security articles or subscribe to the world’s leading, free security awareness newsletter designed for technology users.

If you have any questions about any of this information, please contact your college's Information Security Manager.