Skip to content Skip to main navigation Report an accessibility issue
Information Security

Exam time!


Yes. I know that you just took your compliance training as it’s due to be completed before the end of the year, but since the exam period is on us, I thought it would be good to do some “off-the-record” testing…

Which of the following is a myth?

  1. Only people in high ranking positions are targets of cybersecurity attacks. 
  2. High-tech hackers pose the biggest threat to our organization. 
  3. Cybersecurity is a highly technical process that only OIT can handle.
  4. Security awareness only really matters when you’re at work. 
  5. Cybercriminals rarely target smart devices. 

Did you find the myth? This was a trick question! EVERY ONE of these statements is a common cybersecurity myth! They’re ALL misconceptions but are broadly held (by some) as facts. Read on if you’re curious.

Myth 1: Only people in high ranking positions are targets of cybersecurity attacks.

Chancellors and Deans are prime targets for cybercriminals, but that doesn’t mean they’re the only targets. Scammers attack every level of the university, looking for gaps in security. After all, it only takes ONE hacked machine to access our entire network.

Myth 2: High-tech hackers pose the highest threat to our organization.

You may imagine a cyberattack as the use of highly sophisticated technology to break through firewalls and decode user passwords. But in truth, it is much more likely that So-In-So wrote their password on a sticky note, and it fell into the wrong hands. Human error is an easy target for cybercriminals, so stay alert!

Myth 3: Cybersecurity is a highly technical process that only the OIT department can handle.

The security tools managed by OIT are important, but technology can only do so much. These security measures can’t stop an employee from sending sensitive information within an email. Creating a human firewall, made up of each employee, is essential to the security of our campus. Security is EVERYONE’s responsibility.

Myth 4: Security awareness only really matters when you’re at work.

The University’s at-work policies and compliance regulations may not be necessary in your home life, but security awareness still matters. Scammers can phish your personal email for bank accounts, login credentials, or even personally identifiable information, which can be used to perform identity theft.

Myth 5: Cybercriminals rarely target smart devices.

Nearly everyone has a smartphone, and many people use smart devices throughout their homes. From smart speakers to security cameras to lightbulbs, all these gadgets connect to the internet. As these devices become the norm, cybercriminals happily accommodate. Treat smart devices the same way you would treat any other computer. Always use strong passwords, install antivirus and anti-malware software, and keep these devices up to date with the latest security patches.

Believe it or not, YOU are the key to keeping your organization secure! SEE something, SAY something! There is NO secUrity without U! (Sorry, I couldn’t resist).

The flagship campus of the University of Tennessee System and partner in the Tennessee Transfer Pathway.