CSAM 2025 - Cyber Vigilance

October is Cybersecurity Awareness Month (CSAM), a month full of educational and fun events to help students, employees, and affiliates foster a security culture of cyber vigilance by staying aware, following best practices, and protecting both university and personal data and devices.

CSAM kicked off last week with the Cyber Bowl which is an event where N.C. A&T is competing with NC State, Duke University, UNC-Chapel Hill, UNC Wilmington, East Carolina University, Winston-Salem State University, and Elizabeth City State University in an online game to get students, employees, and affiliates to particpate. Help N.C. win the Cyber Bowl!  Take time to participate in other CSAM events, learn, have fun, and win prizes!

Cyber threats don't take time off.  Scammers persistently target students, employees, and affiliates with fake job offers, file shares, fradulent checks, and other scams.  These phishing emails, texts, and phone calls impersonate trusted employees, departments, and businesses to deceive you.  Every click, login, and response matters - one wrong move could give a scammer access to your personal information or university information.  Some students and employees have fallen victim resulting in compromised accounts and stolen money.  Security isn't just IT's job - it's everyone's responsibility.

Information Technology Services (ITS), the Center for Excellence in Cybersecurity Research, Education and Outreach (CREO), and Waste Management Institute (WMI) have partnered together since 2021 to promote CSAM. 

Thursday, October 2, 2025
Multi-Factor Authentication (MFA) Requirement For ALL Students 
MFA will be required for all students to access key platforms, including Banner Self Service, Blackboard, and Google Suite, starting October 22, 2025. Using MFA will enhance the security of university systems and protect your personal information.

Duration: Begins in October 2025; permanent addition to the Information Security Program
Participants: Students
Format: Email announcements with instructions sent to students

Wednesday, October 8, 2025
Anonymization and Privacy: Protecting Data in a World of Re-identification Risks
This seminar will explore how anonymization is used to safeguard sensitive information, why it matters for both individuals and organizations, and how re-identification attacks increasingly challenge these protections. I will highlight real-world examples to show why the public should care about data privacy, alongside insights from current research on privacy-preserving techniques. The session will be interactive with time provided for Q&A to ensure attendees leave with both awareness and actionable knowledge.

• In-person @ 2105 Yanceyville Street, Greensboro, NC 27405
• VIRTUAL @ https://ncat.zoom.us/j/91804098706

This seminar unpacks quantum cryptography and its critical role in protecting our digital future against quantum computing threats. Through engaging short videos and expert insights, participants will discover how quantum mechanics is revolutionizing cybersecurity and learn practical steps organizations can take now to prepare for the quantum era.

• In-person @ 2105 Yanceyville Street, Greensboro, NC 27405
• VIRTUAL @ https://ncat.zoom.us/j/91804098706

Wednesday, October 15, 2025
Phishing Simulation Launch
Phishing attacks are becoming more targeted and trickier to spot.  As part of of our ongoing cybersecurity efforts, the  Information Security Office is launching a phishing simulation initiative.  Phishing emails that mimic real-world phishing attempts will be sent to employees and affiliates to test your abilities to recognize and respond to phishing attacks.  Phishing simulations provide a safe environment for employees and affiliates to learn and improve cyber vigilance without the risk of responding to actual phish and compromising data and devices.

• Phishing simulations will be conducted without prior notice to enhance employees’ preparedness for genuine cyber threats.
• Credentials entered through these exercises are not captured.  Clicking on links is monitored solely for training purposes.

Duration: Begins in October 2025; permanent addition to the Information Security Program
Participants: Faculty, staff, administrators, and affiliates
Format: Email

Saturday, October 18, 2025
Shred & Electronic Recycle Day
The event provides university employees, students, and the Greensboro community a secure and environmentally responsible way to dispose of sensitive documents and electronics*.  N.C. A&T has partnered with ProShred to shred documents on-site and Powerhouse Recycling to dispose of electronics and storage devices (e.g., thumb drives, disks, CDs, etc.).  Student volunteers from the Waste Management Institute's Earth & Environmental Science Club (EESC) will be available to assist patrons with removing documents and electronics from vehicles.  

* N.C. A&T employees can dispose of university documents, personal documents, and personal electronics.  However, disposal of N.C. A&T electronics is prohibited.  Employees are required to contact Property Management and follow the university's electronic disposal process.

Time: 9 AM - 12 PM
Participants: Students, faculty, staff, administrators, affiliates, and the public
Location: @ N.C. A&T, 1601 East Market Street, Greensboro, NC  27411
(Corner of Lindsay Street and Laurel Street across from the University Police Department - look for blue and gold balloons)

Developers and students increasingly use large language models (LLMs) to draft code, but the output can include security vulnerabilities. This hands-on session teaches a practical “prompt → harden → verify” workflow for LLM-generated Python. You’ll learn how to craft secure prompts with explicit constraints, require unit tests, and then run a lightweight security gate to catch issues before code ships. We’ll walk through real examples so participants leave with a repeatable checklist and starter templates they can use immediately. Attendees can follow along in Google Colab or a local Python setup.

Presented By and Bio: Dr. Mahmoud Abouyoussef

Mahmoud Abouyoussef is an Assistant Professor in the Department of Computer Systems Technology at North Carolina A&T State University, Greensboro, NC, USA since January 2025. He earned his Ph.D. in Computer Science from the Tennessee Technological University, TN, USA, in 2022. Dr. Abouyoussef also holds two M.Sc. degrees from Mid Sweden University in Sweden and Misr International University in Egypt, in Electronic Design and Electronics and Communications in 2012 and 2019, respectively. He received the Eminence Award for the Doctor of Philosophy Best Paper from Tennessee Technological University. His research interests include smart healthcare systems; blockchain applications in IoT and healthcare; cryptography and privacy-preserving technologies; large language models (LLMs) for intelligent data analysis and decision support; network security and intrusion detection; smart grid and critical infrastructure security; secure and resilient vehicular networks; AI/ML-based anomaly detection; IoT-enabled assistive technologies; and secure data sharing frameworks for distributed systems. 

• In-person @ 2105 Yanceyville Street, Greensboro, NC 27405
  • 1 hour (50 minutes for content + 10 minutes for Q&A) with short guided labs.
  • Each participant needs a laptop, Wi-Fi, and google Colab.
• VIRTUAL @ https://ncat.zoom.us/j/91804098706

Monday, October 27, 2025
Information Security Education Training (Mandatory) Kickoff
Annual information security training to educate employees on best practices for recognizing suspicious behavior, responding appropriately, and protecting systems and data.     

• EHRA: Monday, October 27, 2025 - Tuesday, June 30, 2026
• SHRA: Monday, October 27, 2025 - Tuesday, March 31, 2026

In this informative session, Philip Zaccheo will explore the evolving landscape of social engineering in cybersecurity. Attendees will gain a clear understanding of the tactics and techniques used by threat actors to exploit human behavior and steal sensitive information. The session will include a real-world case study of how a state-sponsored threat actor group utilizes social engineering tactics and techniques to infiltrate companies, with their goals including information disclosure and financial gain. The session will also include a practical demonstration of a social engineering assessment. Attendees will walk away with actionable strategies for safeguarding their organizations against social engineering threats.

Presented By and Bio: Philip Zaccheo

Philip Zaccheo is an information security professional with about two years of experience in information security. He currently serves as a Security Analyst at a mid-sized bank. Prior to this role, Philip spent three years in IT as a Support Technician for a commercial real estate company and completed an offensive security internship as part of his college education. He holds both a Bachelor of Science and a Master of Science in Cybersecurity, bringing a well-rounded perspective that blends technical expertise with a proactive approach to safeguarding organizational resilience.

• In-person @ 2105 Yanceyville Street, Greensboro, NC 27405
• VIRTUAL: https://ncat.zoom.us/j/91804098706

SPECIAL THANKS TO OUR PRIZE SPONSORS

• Dell

• DNS

• HPE Aruba Networking

PRIZES

• Amazon $25 Gift Cards (DNS)

• Bookbags (Dell)

• MS700 Bluetooth Mouse (Dell)

• Pro 14 Plus Portable Monitor - P1425 (Dell)

• Swag Bags (Dell, DNS, HPE Aruba Networking)