Students should always be on the look out for employment/internship scams that aim to empty your bank account rather than give the pay they promise! Learn more here

Report a Security Incident Form

If you are the victim of a security-related issue, please use the following form to report it to the Office of Information Security.

Report a Phishing AttemptReport a Security Incident

 

New to the OIS website? Take a tour here.

A Message From David McMorries,

The Chief Information Security Officer 

Tuesday, December 27th, 2022

Dear OSU Community,

Happy New Year!  2022 was a banner year for OSU; largest enrolling Freshman class, largest graduating class, and the Beavers won a bowl game!

A little bragging about this website…OSU placed first in the higher education division of the MS-ISAC (Multi-State Information Sharing and Analysis Center—learn more about them here: https://www.cisecurity.org/ms-isac) Best of the Web contest.  I have to thank the people who made this possible—Ian Walker and Elise Schey both worked as analysts within OIS and took on the task to win this contest!  Of course, it isn’t just about the contest itself; we are trying to make this site as compelling and informative as possible for you, so please let us know how we are doing and what would make this a better site for the OSU Community.

As classes start up again, please be aware that students are being targeted by scammers with employment fraud, and employees are seeing similar scams.  In general, scammers want you to provide a personal e-mail address after they make contact with either a “fabulous” job offer, or a quick request for help.  Keep a sharp lookout for key-giveaways for fraud…someone may claim to be an OSU faculty member or staff, but the e-mail address doesn’t seem right or match who they claim to be.  The external banner on e-mail will often be present, so take a second look when you see this on an e-mail: [This email originated from outside of OSU. Use caution with links and attachments.]

A big thank you to the OSU Community for reporting phishing and spam e-mails!  Over the month of December, which is normally a slow month, over 1600 phishes were reported and actioned!  Keep up the great work!  The best way to report phishing is to use the “Report a Message” button in Outlook, Outlook Web Access or the Outlook mobile app. You can learn more here about this capability and contact the Service Desk if you need assistance in setting up the service.  Of course, we are still using [email protected] as way for people to report phishing emails; the Microsoft reporting allows us to respond and act much faster.

 

CISO Message Archive


Resources for IT Pro Staff

The Office of Information Security is here to assist you in your efforts to keep your network resources protected. We coordinate with academic and administrative units to help develop policy, benchmark and assess our level of risk and educate and inform our community on best practices. We offer Risk Assessment and Forensics services as well as vulnerability scanning.

For a list of current known exploited vulnerabilities, visit the CISA catalog for a full list. To learn more about the resources available for IT Professionals, visit the Infosec Guidebook.

 

Data Classifications Standards of Care Policies

 

Resources for the OSU Community

Cyber attackers will be looking for ways to steal info from your computing devices, so we want to arm you with some great resources to protect yourself! Navigate to our Resources tab to familiarize yourself with some OIS terminology using our Glossary, or check out the newest in security news. 

Check out the Online Trainings page for mini-games, quizzes, and general training to increase your cyber literacy. Thank you for helping us Defend Our Cyber Dam!