Hurricanes, power-outages, man-made disasters—every organization has to prepare for these but when it comes to emergencies, universities face unique challenges because of the very nature of their structure and communities. Unlike the average office, universities are not enclosed spaces, and many different people—from students, to faculty, to staff, to visitors—are moving in and out of campus on any given day or time. This can make securing the campus and creating a comprehensive university incident response plan difficult.
You might have heard about the ransomware attack against Atlanta this year. A ransomware attack had significant impact on the city, forcing police officers to file reports by hand and city workers to report via time sheets. Atlanta is currently facing more than $20 million in costs due to the attack.
The California wildfires have been especially devastating this year, with fires reaching unprecedented sizes. Hundreds of thousands of acres have been burned and it may take until September to contain the fiercer fires. When it comes to emergencies like wildfires, strong incident response is important for protecting those affected.
In February 2018, the United States Department of Energy established the new Office of Cybersecurity, Energy Security and Emergency Response (CESER), focused on cybersecurity, energy security and emergency response with $96 million in government funding – and not a moment too soon. One month later, the Federal Bureau of Investigation and the Department of Homeland Security issued an alert alleging that Russian hackers mounted a methodical, long-term campaign to infiltrate and surveil critical US energy and utility infrastructure.
Communicating critical information when it comes to public health can quickly become stressful. For health departments facing public health emergencies, there must be consideration over how to communicate and with whom—as they need to communicate quickly about the situation and involve the right stakeholders without leaking information that could cause hysteria.
Situations like acts of nature, data breaches, or other unforeseen events, require planned responses in case they happen. Different situations may require a different chain of events to occur, but there is one thing that all incident response plans have in common: the need for ongoing communication throughout the course of the event.
Do you have an emergency preparedness plan in your household? Many families do—whether because they live in an earthquake or hurricane prone area, or because they want to be prepared for a personal emergency just in case. A smartphone can provide critical support during an emergency but—like your emergency kit and home vehicle—it needs to be prepared. There are several ways you can prepare your smartphone for an emergency.
The challenges people face during a natural disaster are often multiplied for seniors and their care takers. Decisions about whether to evacuate are complex as many seniors are mentally or physically not in a condition to move from location to location. So, how can these challenges be addressed?
This past year has been riddled with crisis from wildfires, earthquakes, tornadoes and hurricanes, to global cyber-attacks at a scale unlike what we’ve seen before. The one thing that all of these events have shown us is that accurate and constant communication is critical. Proper notification and continual communication during the event and during response set the tone for how quickly we can recover. Florida and Texas are no strangers to hurricanes.
The biggest cyberattack in history has been spreading the globe since last Friday. Spanning across 150 countries, the 300,000 victims have included government agencies, hospitals, manufacturers and universities. When ransomware attack affects your organization how can you keep a secure line of communicaiton with your team? Read on to learn why ephemeral messaging should be a part of your incident response plan.
Author–Kristi Perdue Hinkle
On the heels of the largest data breach on record, it is easy to say that data breaches have become big, and all too common, news. We see it flash across the screen daily: legal firm—leak, hospital—ransomware, government agency—hacked. Cyber security is no longer something just for financial organizations to worry about—it’s become a necessity for any organization that handles private, valuable and sensitive information to prepare for – including those in higher education.
In the last few years, multiple universities have been the victim of data breaches—University of California Berkeley, University of Virginia, University of Maryland, to name a few. In 2014 alone, 30 educational institutions experienced data breaches, with five of those schools experiencing larger data breaches than the Sony hack. Universities face a unique set of challenges when it comes to a data breach. As Paul Rivers, UC Berkeley’s CISO noted, similar to a healthcare organization, schools cannot close if a major breach occurs and network security on campus cannot be treated like a bank or technology company. Schools by nature are an open community, with a network shared by students, staff and even visitors—so closing vulnerabilities can be especially difficult.
Unfortunately, a data breach or IT outage is not the only type of emergency that Universities must prepare for. In the wake of acts of terror, natural disasters and other reported campus safety concerns over the last decade, Universities have a heightened call to action to protect campus staff and students. The ability to securely, efficiently, and, when appropriate, confidentially correspond about emergencies is paramount to successful response and recovery.
So how can universities ensure that sensitive information and communications remain secure during an out-of-course event?
One way is the use of encrypted, secure, ephemeral messaging. Secure messaging enables executives, board members and staff (as well as students for that matter) to communicate in a way that ensures that any sensitive information is protected. This is because at the core the sender is in complete control of anything he or she sends out. Messages cannot be forwarded, shared, saved, printed or screenshotted by the recipient, eliminating the risk of reputational damage or diminished trust. As an example, if a communication needs to be kept to a specific area of the campus to avoid panic during an emergency response – it can be; if a communication needs to be kept confidential to avoid media coverage during an emergency response – it can be; and if a hacker needs to be kept out of discussions concerning an emergency response to a breach – that too can be done.
For additional security, ephemerality means that any messages received and sent are automatically removed from the sender or the receiver’s devices per a pre-defined time period for expiration, removing the risk caused by BYOD device loss and theft. With secure messaging Apps that also support compliance, such as Vaporstream, a copy of the message can be archived in a single repository of record and stored behind a firewall for safe keeping to meet business and regulatory requirements.
In case of an emergency, secure messaging keeps sensitive communications ongoing. This is especially critical for universities, given that schools cannot close when an incident occurs. Secure messaging provides a means to continue crucial conversations and to discuss mitigation, emergency response and recovery plans. In case hackers or even terrorists may have access to certain university information or communications, employees can rest assured that whatever conversations they are conducting via secure messaging are uncompromised.
In short, encrypted, secure, ephemeral messaging protects high level communications for universities at every step of the way—during day-to-day business communications for such things as discussing HR and IP as well as during out-of-course events where emergency response plans need to go into action. If you would like to learn more about secure messaging and Vaporstream’s solution you can download our white paper or contact us.