Concordia ramps up efforts to protect personal, research and institutional data

Phishing and phone scams are more than annoying. They pose a real and growing threat to our personal information. They also put institutions like universities at risk of having sensitive data, research findings and money stolen or extorted.

As a result, Concordia is making data security an institutional priority. The university is kicking off a cybersecurity awareness campaign, beginning with an online training course for all faculty and staff.

“Currently, we have a strong fence, from a systems point of view,” says Alex Aragona, executive director of application portfolio management and chief information security officer at Concordia.

“Though we keep adding to it, the best defences against cyberattacks are individual awareness and safe digital practices.”

Every month, Instructional and Information Technology Services (IITS) blocks a significant number of malicious emails and intrusion attempts. That may be reassuring, but it’s not enough to put Aragona’s mind at rest.

“Digital security is everyone’s responsibility. It goes beyond Concordia into the personal lives of each one of us,” he says. “We all need to understand the risks associated with phishing and spear phishing and the potential impacts on our information, our work and our finances.”

Is there any way to remain cybersecure?

The landscape of security threats is vast. Media reports have detailed numerous cases of governments, institutions and individuals seeing data compromised through cyber scams. Greater awareness is one of the best defences.

“Globally, people are becoming more attentive to the issues. We know that it’s no longer just big, international corporations that get hacked, phished or saddled with ransomware,” Aragona says.

Finance and personal data may not be the university’s primary activity, but the range of information it collects and develops could still make it susceptible, he adds.

“Because of our size and the broad range of data we house, Concordia could be a target. We need to continue securing both our administrative and research information.”

Concordia is also made up of a range of technology users. Some community members are very tech savvy, while others are less informed about risks.

Furthermore, some may employ older devices with outdated operating systems. That is something that can be exploited by hackers looking for a way into the university network.