Today@Sam Article

Cybersecurity Is Everyone’s Responsibility

Oct. 21, 2021
SHSU Media Contact: Hannah Crandall

With Cybersecurity Awareness Month and the release of IT@Sam’s new cybersecurity campaign taking place during October, IT is teaching Sam Houston State University students, faculty and staff what cyberattacks look like and how to secure their information.

There are two types of cyberattacks: technical and social engineering. Technical attacks exploit weaknesses in IT systems. SHSU’s IT team takes all the necessary steps to help prevent technical attacks from being successful and to protect the university’s information.   

“We do everything we can on our end,” said Stephanie Smith, IT marketing and communications coordinator. “We have many controls in place to keep the university protected from technical cyberattacks. But, at the end of the day, we can’t control each person’s actions. Cybersecurity is everyone’s responsibility.”

Steven Frey Explaining CybersecurityEspecially when it comes to social engineering attacks, which focus on the individual and the information cybercriminals can obtain by exploiting their trust, being aware of the typical signs of social engineering cyberattacks can help protect both personal and university information.

“They’re going to try to trick you,” said Steven Frey, director of information security. “Does this email or text say it is urgent? Is it going to cost me money? If it sounds too good to be true, it probably is. These are criminal enterprises working to get money through scams, not just some guy in a hoodie with his laptop.”

In the past year, IT recorded 68 separate phishing campaigns, which led to thousands of reports of phishing emails. The best thing to do with phishing attempts is to check the Phish Bowl, report them to and delete them.

“The Phish Bowl is where we put example phishes or copies of phishes that people have reported,” Frey said.

IT Professional Working on ComputersReport IT is an online resource offered to all SHSU community members. This resource refers people to the correct place to report various types of attacks or security breaches.

“This site makes it simple to find how to report cyberattacks, because a lot of people just don’t know who to talk to or who to get it to,” Frey said. “Hopefully, knowing who to contact will help them in reporting. The faster they report a cyberattack, the faster we can contain it, so it doesn’t spread. We may investigate it and determine it’s not an issue; but the faster we get the information, the faster we can act.”

In addition to the Phish Bowl and Report IT websites, SHSU made LastPass Premium available to all students, faculty and staff. LastPass Premium is a password manager that encrypts and stores your passwords and other sensitive information for you.

The best protection against cyberattacks is awareness of how to handle a cyberattack before it becomes an issue. Still, IT knows it can be easy to fall for some of these attacks, and they are here to help the university and all Bearkats prevent and react to cyberattacks.

“We need people to tell us if they have fallen victim to something,” Frey said. “We’re not going to shame them, and we will keep it confidential. As IT professionals, we deal with this stuff every day, but we know that everyone else doesn’t. We understand.”

To seek out more knowledge on best cybersecurity practices at SHSU, visit

- END -

This page maintained by SHSU's Communications Office:

Director of Content Communications: Emily Binetti

Communications Manager: Mikah Boyd
Telephone: 936.294.1837

Communications Specialist: Campbell Atkins
Telephone: 936.294.2638

Please send comments, corrections, news tips to