Security Upgrades
Information Services Security took great strides in 2023 to advance the information security capabilities protecting university systems and data. The University partnered with a leading cybersecurity vendor to provide Security Information and Event Management (SIEM) services. SIEM allows the university to consolidate, correlate, and anlyze data from many different sources to identify and alert on security concerns. This capability greatly enhances the information security team’s ability to identify and respond to security incidents. In addition, the existing partnership with Crowdstrike was expanded to provide their Managed Detection and Response (MDR) services for University administrative and academic systems. This important capability allows for professional security analysts to monitor university systems 24x7×365 and respond if an attack is detected.
VASCAN Meeting
The University of Richmond hosted the quarterly in-person meeting of the Virginia Alliance for Secure Computing and Networking (VASCAN). The group had a great meeting and discussed many information security-related topics pertaining to Virginia higher education institutions. Representatives from George Mason, James Madison, Old Dominion, University of Richmond, University of Virginia, the Virginia Community College System, Virginia Commonwealth University, and William & Mary were in attendance. Everyone was very complimentary of the new Information Services offices!
2023 Capture the Flag Competition
Information Security hosted their first ever Capture the Flag competition November 4-7. Pattered with Assura and MetaCTF, a "Capture-the-Flag" competition is an online game where players of all skill levels can tackle challenges to earn "flags" with each correct answer. Teams were comprised of students and staff, with one to four players on each of 15 teams.
The top two student teams received prizes. The top faculty and staff participant team also received a Spider Secure t-shirt in recognition. All faculty, staff, and students who participated and completed at least one challenge received a Certificate of Completion and were eligible to be entered into a raffle to win some cybersecurity goodies.
2023 Cybersecurity Fair
Information Security held the annual Cybersecurity Fair in Tyler Haynes Commons. There were some great discussions with students, faculty, and staff about password security, LastPass, and the Capture-the-Flag event. And they gave out a lot of great candy!
IS Penetration Test Conducted by Assura, Inc.
From November 13, 2023, to November 22, 2023, University of Richmond coordinated with Assura, Inc. to perform a penetration test consisting of the following components: internal network penetration test, external network penetration test against internet facing applications, and social engineering against Help Desk staff. As part of this penetration test, the Spider Management Company’s assets were included within the engagement’s scope.
Penetration testing is a proactive information security practice intended to identify and exploit weaknesses (i.e., vulnerabilities) before discovery and exploitation by an adversary. The practice involves gathering information about targets, identifying potential avenues of attack, and attempting to exploit security control weaknesses to compromise the confidentiality, integrity, and/or availability of data.
The November penetration report showed an overall 74% reduction in the number of vulnerabilities found from an earlier penetration test conducted in earlier 2023. Furthermore, Assura was unable to successfully social engineer the Help Desk staff.
Information Services Cybersecurity Tabletop Exercise
On July 28, 2023, Information Services Security conducted a tabletop exercise with the IS Cybersecurity Incident Response Team and Maribel Street from Emergency Management. It focused on a director-level incident response and incident response plan awareness. The goal was to identify and update existing documentation for process and procedure to support incident response based on scenario. A set of scenarios and questions were utilized to facilitate the tabletop exercise. At the end of the event, the Information Services Security and Emergency Management teams were able to meet their goals of identifying and updating documentation for the processes related to the scenarios.