2023 Champion Cybersecurity Awareness Month

The University of Colorado is proud to champion Cybersecurity Awareness Month again this year, a global effort recognized each October. Throughout the month, CU will raise awareness of key best practices that we can implement today to keep sensitive information secure at work and home.


Enter for Chance to Win $100 Cash!

Complete the Information Security Awareness training course soon for a chance to win $100 cash! Regardless of when you last completed the course, you may take it again between Oct 2 and Nov 30, 2023, and be automatically entered into the prize drawing.

On Dec 1, 2023, the Office of Information Security will randomly select six employees who completed the course in the designated time period. The cash prize will be directly deposited into the same account you use for payroll. OIS will also pay the taxes.

Visit the Information Security Course Compliance FAQs webpage for more information.


In celebration of Cybersecurity Awareness Month, each campus will host a live webinar, providing an opportunity for you to learn from the experts. The webinars are open to everyone in the CU community and will cover topics that are useful and relevant to reducing cyber risks at work and home. Learn about top cyber threats, data protection after a breach, requirements for handling research data and more.

If you are unable to attend the live event, visit this webpage afterward to learn how to access the recording. 

Cautionary Tales in Cyber

Monday, October 16, 2023, from 5:00 to 6:00 PM MT

Join representatives from University of Colorado Colorado Springs and U.S. Cybersecurity Infrastructure and Security Agency (CISA) who will share some great cyber stories and recent cyber hacks to illustrate the importance of cyber safety. Panelists will tie each of their stories back to cybersecurity safety tips that will help you better secure your personal presence online. ​Hosted by UCCS, this webinar is available to faculty and students throughout the CU community.

Panelists and discussion topics:

  • Gretchen Bliss, Director of Cybersecurity Programs and webinar moderator 
  • David Sonheim, Chief of Cybersecurity and Supervisor of Region 8, CISA
  • Charles Wertz, Information Security Officer, will present What You Should Do After a Data Breach
  • Greg Williams, OIT Director of Networks and Infrastructure, will present Multi-Factor Authentication: What Is It, How to Use it, and Why It's Important
  • Arthur Simental, Director of Emergency Management, will discuss the recent University of Michigan breach and the importance of strong passwords/passphrases

A recording of the webinar is now available.

Please email cyber@uccs.edu with any questions you have about the webinar.

Intersection Insecurity: The Collision of Research Grants, Data Protection Laws, and Information Security at CU Boulder

Tuesday, October 17, 2023, from 1:00 to 2:00 PM MT

Research is foundational to the mission of CU. Regulations, laws, and grant providers have begun introducing strict cybersecurity requirements regarding data handling, storage, and access. Navigating this landscape is fraught with pitfalls, and the ability to rapidly demonstrate compliance can be the difference between winning or losing a grant. Attend a panel of subject matter experts from different departments at CU Boulder for a discussion about the challenges and opportunities we see ahead, as well as resources available to researchers to comply and adequately secure technology and intellectual property.


  • Greg Furlich - Research Associate, Center for National Security Initiatives
  • Debbie Geha - IT Security Analyst, Security, Office of Information Technology 
  • Justin Mack - Research Security Coordinator, Research & Innovation Office 
  • Barbara Schnell - Associate Director of Secure Research Computing, Office of Information Technology 

Moderator:  Scott Maize - Associate Director of Information Security, Office of Information Technology 

The webinar will be recorded and made available afterward.

Cybersecurity Roundtable: Phishing, Traveling, and Protecting Your Data Everywhere In Between

Thursday, October 19, 2023, from 12:00 to 1:00 PM MT

Hosted by the CU Anschutz Medical Campus and CU Denver Office of Information Security and IT Compliance, this webinar is available to faculty and students throughout the CU community. 

The panel discussion will review top cyber threats, the current cybersecurity climate of the university, phishing attempts and security best practices, how to stay secure now that university travel is more frequent again, and they will answer attendees’ questions. Everyone, across all campuses, is welcome to attend and ask questions. 


  • David Capps, Chief Information Security Officer, University of Colorado
  • Brad Judy, Deputy Chief Information Security Officer, University of Colorado
  • Charlotte Russell, Assistant Vice Chancellor for IT Security and Compliance, CU Anschutz Medical Campus and CU Denver
  • Sean Clark, Information Security Officer, CU Anschutz Medical Campus and CU Denver
  • Sarah Braun, Information Security Officer, CU Boulder
  • Keith Leigh, Information Security Officer, System Administration
  • Charles Wertz, Information Security Officer, UCCS

A recording of the webinar is now available through the CU Anschutz Information Security and IT Compliance website. 


Enable multi-factor authentication and learn why it's important.

Enabling multi-factor authentication (MFA) – which prompts you to input a second set of verifying information, such as a secure code sent to a mobile device – is a hugely effective measure that anyone can use to drastically reduce the chances of a cybersecurity incident. Learn more.

Create strong, unique passwords and change them regularly.

Having unique, strong, and complex passwords is one of the best ways to immediately boost your cybersecurity. Cracking passwords is one of the go-to tactics that cybercriminals use to access value information. And, if you use the same password on multiple accounts, once a cybercriminal has compromised one of your accounts, they can easily do the same on other accounts.

Recognize phishing, which is still among the primary threats from cybercriminals.

Phishing – when a cybercriminal poses as a legitimate party in hopes of getting individuals to engage with malicious content or links – remains one of the most popular tactics among cybercriminals today. However, while phishing has gotten more sophisticated, keeping an eye out for typos, poor graphics and other suspicious characteristics can be a telltale sign that the content is potentially coming from a phishing scam.

Keep your software and applications up-to-date.

Updates are part of our digital life, and if you embrace them, you’ll have more peace of mind and the latest security. Learn more

If you have any questions, please send an email to SecurityAwareness@cu.edu.