About Cybersecurity
The Cybersecurity and Privacy unit in the Division of IT provides the University with support for identity and access management; incident response; payment card processing security; awareness and training; and data security. We are also home to the Cybersecurity Internship Program and security consulting services. If you have questions about any content you see here or need additional support, please contact us at the Division of IT Helpdesk at: help@colostate.edu or (970)-491-7276.
Report A Cybersecurity Incident
See something suspcious online or have a security concern to share?
Let us know! Use the “Report an Incident” button and our cybsecurity team will look into the issue.
Latest Security Alerts
Office 365 Login Notice
Posted on April 22, 2024
Emails from valid CSU accounts with the subject line “Validation Notice Do not Ignore Last warning” or “Urgent: Verify Your Colorado State University Account Information” are circulating with the message indicating “your office 365 has two different logins with two universities.” This is not a legitimate email and users should not interact with the message in any way.
The below images are examples of what this phishing email could look like.
How to Spot a Phishing Attempt
Posted on February 1, 2024
Phishing emails and activity are on the rise at CSU. See the image below for a breakdown of an actual phishing email and how to spot it.
Microsoft Multi-Factor Authentication
Posted on September 27, 2023
An email prompting users to scan a QR code to “reauthenticate” their Two-/Multi-Factor Authentication settings has been reported. This is not a legitimate email and users should not interact with the message in any way.
The below image is an example of what this phishing email could look like.
Awareness & Training
Find cybersecurity best practices and training and learn how to protect yourself
and the university from cyber threats like phishing attacks, viruses, and malware.
Compliance & Regulations
Credit Card Security
Merchants at Colorado State University that take credit card payments for goods and services are required to comply with the Payment Card Industry Data Security Standard (PCI-DSS), whether conducting e-commerce, mail-order/telephone-order, mobile, or retail transactions.
Data Security
Preserving and ensuring the confidentiality, integrity and availability of sensitive information are the hallmarks of information security. In addition, certain federal, state, local and university regulations may apply depending on the type of data and application. For more information about securing research, please visit IT: Research Security and Compliance and OVPR: Controlled Unclassified Information.
Security review for major IT purchases
In order to comply with state and federal requirements, as well as the CSU IT Security Policy, all major IT purchases (those exceeding the dollar threshold for Documented Quotes) must go through a security review before the request for purchase will be approved. The Procurement department will forward all major purchase requests to DoIT for review. A security review may request additional information from the vendor, so this part of the process has the potential to slow the acquisition. To avoid undue delays, anyone planning to purchase a major IT system or service may request an evaluation in advance.
To directly request a security review in advance, please email Chief Information Security Officer, Steve Lovaas.
Cybersecurity Internship
Since 2018, the Division of IT has offered a Cybersecurity Internship Program that is open to Undergraduate students.
Students in the program learn about cybersecurity concepts and work with professional-level security tools to support our security posture at Colorado State University.
Interested in participating or have questions?
Contact Cybersecurity Team