Bee Cyber Fit: Simplifying Cybersecurity for Everyone
Bee Cyber Fit: Simplifying Cybersecurity for Everyone
Navigating Cyber Threats: Chief Information Security Officer (CISO) Jeremy Rosenberg on Yale University's Cybersecurity Evolution
Join us for an insightful exploration of Yale University's cybersecurity landscape as we welcome Jeremy Rosenberg, the university's Chief Information Security Officer, to kick off season four of the Bee Cyber Fit podcast.
Jeremy shares the remarkable progress Yale's cybersecurity program has achieved, with key accomplishments such as reaching full staffing levels and launching innovative passwordless authentication solutions. Our discussion highlights the significance of adapting to emerging technologies like AI, and how these strides position Yale to address real-world risks and support the dynamic needs of its community.
We celebrate the achievements of 2024 and eagerly look forward to future initiatives designed to strengthen Yale's cybersecurity readiness. From the success of university-wide training programs to the personalized efforts that engage various departments, we delve into how these programs foster sustainable cyber habits.
Jeremy emphasizes the importance of integrating good security practices into daily operations and maintaining awareness of evolving cyber risks, particularly with older technologies still present on campus. Our conversation underscores the importance of fostering a robust cybersecurity culture at Yale, empowering the community with the knowledge and tools needed to stay safe.
Looking ahead to 2025, we explore exciting plans for expanding Yale's ambassador program and increasing community engagement. Highlights include innovative strategies like interactive trivia games and the "New Year, New You" campaign, which are designed to engage the community in building their cyber muscles. We also touch on the significance of incorporating the new NIST cybersecurity framework into Yale's security roadmap, ensuring that the university remains agile and prepared for future challenges.
Join us as we champion a proactive approach to cybersecurity, celebrating the collective efforts that drive Yale's success in this ever-evolving digital landscape.
Calls to action:
1. Register to join the New Year, New You Cyber Challenge in February to strengthen your cyber muscles. Click here to learn more about it.
2. Register to join us for our Information Security Office expert panel on February 13 and a webinar with our local FBI field office on February 26.
3. Complete our 2025 Yale Cybersecurity program survey. Your feedback can help us improve our program.
Learn more about Yale Cybersecurity Awareness at cybersecurity.yale.edu/awareness
Never miss an episode! Sign up to receive Bee Cyber Fit podcast alerts.
Jeremy: Across the program, I am most excited about the agility we've created. We're pivoting to meet real risk. The Awareness Teams program is a great example of that, where we still have the best practices that we talk about, but we're able to talk about the real risks that we see to Yale and tailor our message to that, that goes on across the security program now. Our risk team is focused on assessing against risks that are known. Our engineering team is building tools to address them. And so that agility is what I'm so excited.
[music]
Wendy: Welcome to the Bee Cyber Fit podcast, where we're simplifying cybersecurity for everyone, where we cut through confusing Cyber Speak and make cybersecurity simple and easy to digest. I'm one of your hosts, Wendy Battles.
James: And I'm James Tucciarone. Together, we're part of Yale University's Information Security Policy and Awareness team. Our department works behind the scenes to support Yale's mission of teaching, learning, and scholarly research.
Wendy: Ready to get cyber fit with us?
Hey everybody. Welcome to another episode of the Bee Cyber Fit podcast. We are so psyched you are joining us today. If you are a first-time listener, this is the place to come for information and inspiration about how we can stay safe online in an increasingly complex, what feels like not-so-safe world. Well, there are things we can do and that's what we talk about on this podcast. What we can do and how we can protect Yale University, our data and systems? And not only is this a new episode, but James, this is also the first episode of Season 4 of the Bee Cyber Fit podcast. And I don't know about you James, but I feel like that's a pretty big achievement.
James: I definitely agree.
Wendy: We have been doing this for a while and all the more reason we're happy that you're here to join us for this episode this season. All the things we can do to Bee Cyber Fit together.
James: So, many of you may already know that this podcast is one of the many tools in our toolkit that we use at Yale University to help our faculty, staff, and students build their cyber muscles. The goal is to empower the Yale community with cybersecurity knowledge. And by taking small steps to be more cybersafe, we can make a big impact on helping to keep Yale safe. And the great news is building our cyber muscles also helps us to stay safe at home.
Wendy: It sure does. So, along those lines of staying safe at work and at home. On this episode, we are reflecting on what happened in 2024 at Yale University in our cybersecurity program. But also, we are looking ahead to 2025. And I'm really excited, James, because today we are being joined by a special guest, our Chief Information Security Officer, Jeremy Rosenberg. And he has a lot of insights and wisdom and ideas to share with you as we look back and ahead because we're up to some pretty cool things designed to help keep the Yale community safe. And I'm really looking forward to the conversation we're going to have with him about that today.
James: Well, Wendy, it's always a great time when we have Jeremy here with us. And before we dive in, I wanted to ask you what you're most looking forward to in 2025.
Wendy: Mm, good question, James. I am looking forward to even more engagement from our Yale community. And by that, I mean in the cahoots that we offer our interactive trivia games that are open to the community in our New Year, New You campaign to kick off the year that starts in February and really engaging people in that. And just more broadly, we've started to get out to departments to really build relationships with departments and intact teams to build their cybersecurity muscles. And I'm looking forward to expanding that into new departments, new areas, working with new supervisors and managers who are really interested in helping their teams build their cyber muscles, which ultimately supports their work, their ability to work securely, and to forward the mission of the university. So, I'm looking forward to all those things. How about you?
James: I'm right there with you. I'm really excited about the engagement work that we've already done and the work that we have coming up in 2025. For me in particular, I'm really excited about the expansion of our ambassador program. We have some great folks who are already part of the family, and this year we're going to be opening it up even more broadly and encouraging people to join our ambassador program and help build those relationships throughout the Yale community.
Wendy: That's a really cool thing. Yes, yes, yes, yes. I am right there with you on that. I feel like we have a lot to look forward to in 2025, and I don't know, I think it's going to be a good year. But before we get to our conversation with Jeremy, let's hear a preview of our buzzword of the day, passwordless.
James: Have you ever forgotten your password or felt frustrated by those long, complicated passwords that are impossible to remember? Well, today we're talking about a solution to those password votes, passwordless authentication. Stay tuned to find out more about what passwordless is, how it works, and how we might already be using it.
Wendy: James, I am so excited because today, to kick off season four of the Bee Cyber Fit podcast, our first episode of the season, we are welcoming back because he's been here two other times. We are welcoming back Jeremy Rosenberg, the Chief Information Security Officer at Yale, to share his insights, his wisdom about where we are at Yale with cybersecurity, what has happened,d and where we're going. And, Jeremy, we are so excited that you're joining us today.
Jeremy: I was excited to be coming, but I didn't know that this was the first episode of the year. So, I'm setting the tone for an entire year of podcasts. I don't know if I can handle that pressure.
Wendy: I think you can and yes, you are. So, it is pretty significant in our mind and we're really psyched that you're going to share.
Jeremy: Wait a second. This is the fourth season and I've only been on two other times. There was a season that I missed completely.
Wendy: That is correct. It was a short season though. It was a short season. I will say that. So--
Jeremy: Okay. All right. Well, then I can live with that.
Wendy: I think you can live with that. Well, we have a series of questions for you, and we are eager to pick your brain and have you really enlighten the Yale community, because there are so many different aspects, of course, to cybersecurity and what we do at Yale. And I'd like to start off by asking you about what you think were our biggest successes with our Cyber Security Program in 2024.
Jeremy: Well, that's a good question. I know I'm going to leave something out, so I hope that the folks listening don't take it personally if I don't mention their work, because we have about 40 people across the Information Security Office, and they are all working constantly. It is remarkable how much our teams get done. I think one of the things that I'm most happy about is we were fully staffed for the first time since I took over. So, I've been CISO for three and a half years, and I was at Yale for a year and a half before that, and we never had a fully staffed security office.
It is so hard to find good people who can do this work and who have a passion for it in a way that you need in order to work at the university because it's such a dynamic place. Yeah, so, for the first time, I think we had no vacancies across all of ISO, so that was exciting. We did something really cool this year, where we had a very successful launch of our passwordless authentication solution. For the first time, there are now 75 people at Yale who cannot log in if they don't have like a YubiKey or something with them. So, they need to have a hardware authentication token with them. And that's a big deal because you can't phish that person's account because you have to have the token there physically.
We weren't sure if we were going to be able to pull this off because if you're a technical user, you can figure it out. But we weren't sure if nontechnical people could really fit this into their workflow. And we proved that we could. So, big kudos to our identity management team who really figured out how to get that done. A lot of schools still haven't even started that. We've also really improved our ability to support regulated research. So, we've got some new folks on our risk and compliance team who are dedicated to research computing. And this is important because there's a lot of very big grants available to universities that have these capabilities. And so, we work closely with our research computing team, our cloud computing teams to create these spaces for high-risk data to be managed.
So, I'm excited about that, but really across the program I am most excited about the agility we've created. We're pivoting to meet real risks. The Awareness Team program is a great example of that, where we still have the best practices that we talk about, but we're able to talk about the real risks that we see to Yale and tailor our message to that. That goes on across the security program now, our risk team is focused on assessing against risks that are known. Our engineering team is building tools to address them. And so that agility is what I'm so excited about. AI is another one where this artificial intelligence, these chatbots, came out of nowhere and Yale is investing $150 million in helping to lead the AI revolution. And our teams had to respond.
We now have people who are working alongside the folks who are deploying these AI tools and understanding what risks there are and how we assess against those. I know, I'm really proud of that work too.
Wendy: It sounds like it's been a pretty dynamic year of growth, of expansion, getting into some new things. I like how you mentioned the agility of the team, that people are very nimble and are able to shift as things change. Because I feel just like with COVID we had to be very responsive the IT generally to the needs of the university. And I feel like this is sort of a parallel with the dynamic changing environment of the cyber world.
Jeremy: There's a philosophy in cybersecurity, especially when you're sort of starting out and you have not as mature a program that the risk assessments are pretty simple. There's certain things that you have to do and if you're not doing them, you're simply not doing your job. So, getting multifactor authentication across the whole university was something that we really focused on five years ago. Before that, there was not much of a choice. If you don't have MFA, you better get it. Now, we have built out these capabilities that get us up above the baseline, above on par with our peers. And now it's not as easy to know what to do next.
And so, that's what I'm really proud of how we have figured out how to look at the risks that we see, look at the incidents that are happening, and translate that into a strategy. I'll give you an example. There's a new proposed HIPAA security rule. They are proposing to change the rules that you have to follow if you're handling HIPAA data and Yale handles a lot of HIPAA data, this will have a big impact on the university and our program if it gets approved. It's a proposal, but these things usually get through in some form. As I read the proposal, I could see there's going to be work here for us. But I was really glad that we've done the work we've done over the past five years. We'd be in big trouble if we hadn't made the investments we'd made.
And so, it's reassuring to know, and we would have had no idea 5 years ago what the HIPAA security rule was going to be in 2025. But the fundamental investments we made in the program clearly were the right ones because that's what's being asked for now.
Wendy: So, it's been a very strategic approach is what I hear you saying.
Jeremy: Yeah, yeah.
James: Jeremy, I'm so glad that you gave us a little bit of insight into how our programs matured, into how the technology that we use matured. MFA is such a great example that I think many of our listeners are going to be familiar with. And I want to ask you a little bit now about some of the initiatives that we're focused on for 2025.
Jeremy: Good question. We still have a lot of work to do on the initiatives that we got rolling in 2024. We only have I think about 75 people enrolled in our more secure access program, which is the passkeys that I was talking about. We want to get that in a lot more places. We want to ramp that up. The IAM team is doing that directly now. We want to expand it out, get it properly integrated into our support infrastructure. We've shown that nontechnical folks can this and we really want to drive it to all the areas of high risk. I'm also looking forward to seeing these regulated research clusters go live. So, I mentioned that we've been working on. We've done a ton of work. These things take a year, year and a half to get going. And so, we are trying to get it done in just under a year. But once those go live, that'll be a new space for Yale. We have not been able to compete for grants in this area.
I understand that there have been researchers who have put forward grant proposals and said, that we will build one of these environments as part of this program. And the agencies come back and say, “No, you already have to have it.” Like if you don't already have it built, then you aren't eligible for this grant. So, this will open some important doors for research and grant opportunities. We're also going to start to spend some time helping Yale's IT staff better understand how they can incorporate good security practices into their day-to-day work. You really need specific technical knowledge to defend specific technologies.
The Information Security Office, we have some great technical folks. They know security controls inside and out. But for any given application, the people who are attacking it know that application inside and out. And the best person to defend that is the person at Yale who maintains or builds or configures that application. We talk in general about the principles that everybody has something to contribute. We have to take that to another level. We need to really start to help people understand what that means for them. And there's a big IT conference coming up. I don't know when this episode is going to drop, but I think it'll before the IT conference in the middle of March. And so, we're hoping to do a session about what that means for IT folks.
James: Collaboration is so important. And I think that's what this year's conference is all about, right, is about how IT and the Yale community at large can collaborate together. And I think for the Information Security Office, it's been a focus, I know, for you and I, Wendy, to build out those relationships with the community and so it's really important, and I'm so glad to see that's really is becoming a reality here at Yale.
Jeremy: Yeah, it's where we always wanted to get to. There's diminishing returns on how much the security engineers can do on their own at this point. And now we need that multiplier effect of having everybody contributing their knowledge. And it's not easy because everybody's busy. I'll mention one more thing that we're working on, is that our program is built around the NIST Cybersecurity Framework. That's how we sort of figured out where our gaps were and what we wanted to work towards. Well, they've updated that framework, so there's a whole new version. They've made some really great changes that make it a lot more useful to organizations like ours. It was originally designed for critical infrastructure, like people running power plants, and we modified it for our use. Now it's designed for just about anybody to use.
So, I'm really looking forward to-- We're going to reassess our entire program against the new framework. And that should help us sort of lay out a roadmap for the next three years at least. And so, I'm excited to see what that.
Wendy: I'm excited about that, too. I'm excited to see just how much we've matured in hearing you talk about it, the things that really are evolving in support of our university mission.
Jeremy: It's good to stop every so often and take a look at what we've done. And so, this will be an opportunity for us to really do a deep dive and see where we are, because time flies.
Wendy: It really does. And I also know, to your point about having now this full team, there are people, of course, that were not here when we had our first roadmap several years ago. So, I think it's also a great opportunity to really help everyone understand this roadmap for the next couple of years and where we all fit into that.
Jeremy: I think at least half of our team wasn't here five years ago. I think that's how much we've grown and how quickly.
Wendy: I do want to shift a little bit. We talked very generally about cybersecurity at Yale. And now I want to ask you specifically about cybersecurity awareness, the work that James and I and Jess are doing, obviously, to engage and inform and inspire our Yale community in creating healthy habits and cybersafe behaviors. Jeremy, what are you most excited about regarding where we are with our Cybersecurity Awareness Program.
Jeremy: So, you're shamelessly fishing for compliments, Is that what I'm hearing? [James laughs] Well, it's my pleasure to give you compliments because I absolutely love the new university-wide training program. That was such a lot of work that your whole team did. I took it, I did very well. But I think that anybody will learn from it. It hits all the right marks. There's a danger of just being very generic about those things. But I thought you dug in the right places and there was clearly a lot of thought put into it. So, information security is not an IT problem, it's a business problem. And business users and the business in our case is research, education, clinical. Those business users need to understand what their role is.
And so, that's a huge move forward as we focus on IT staff. We have to spend just as much time on the rest of the university. So that's exciting. I always love the New Year, New You campaign. Gets us off to a great start. I find that feels like a clean slate. Now we get to start over again and go through the whole process. We start the New Year, New You, and then we end up at Cybersecurity Awareness Month. I know there's still a couple of months after that, but that's when things are winding down. So, we're off and running. I think that we're doing a great job of creating strong, sustainable cyber habits, right?
I was just having a conversation with our Deputy CISO John Coleman, and just talked about how important it is that people continue to hear from us and that it be done in a professional way. I don't know if everybody reads every one of your newsletters or every article that you get on. It's your Yale, but I'm sure that every so often they notice and they're reminded that Yale has a very sophisticated cybersecurity program. And that's huge. And I also really like the way we've built this infrastructure where when we do have a critical message to get out, you have a bunch of avenues to do that. So, those are some of the things that I'm excited about. And of course, I understand that you're doing more customized engagements with departments, doing custom cahoots for departments. And so, anything you can do to make the message more meaningful to any given individual is huge. I could go on about all of the things that I'm proud of this program.
James: Well, I will say the training and of course, our New Year, New You campaign is also one of my favorite things about our program. And I'm really excited because this year we're incorporating into our New Year, New You campaign. So, from both perspectives. we'll have some opportunities for education and learning, but we're also going to have some opportunities to have fun. So, some really exciting things coming on. And Wendy, I'm sure that you would agree with me. I know that we both were pretty happy with the outcome of the training and sort of how things wound up.
Wendy: Yeah, absolutely. And I think because it's Yale-ized, if that's a word, it feels very Yale-ish. It is our Cyber Bee. It's all of the colors you find website. It's a lot of pictures of people on campus, faculty, students, and staff, and it really does feel like Yale. And I know that's part of what we were trying to capture as opposed to a more generic kind of training that could be really good. But it doesn't feel like Yale because I think so much of what we talk about in awareness is that we need to engage people. We need to find an in to spark their curiosity, to spark their interest, to do these things that we all need to do. But just doing the same old thing doesn't always get it done.
I feel like we've really taken this very compelling and interesting path to engage people. And I think that's where it starts. So, when you can get people in and then they tell someone else, “Oh, you know, I took the training. Training was great. You really should take the training” or “I'm going to do this challenge, the New Year, New You challenge. Do you want to join me?” “Can we get everyone in our department to do it?” So, I think by making things interesting and different and a little incentivization too, we have some cool swag we like to give away. Jeremy, as you know, it does pique people's interest in doing something that's so important. So, it's finding that balance. And I feel like we're definitely this year going to be off to a great start to the point you both just made.
Jeremy: And it doesn't hurt that the training opens with that super charismatic speech. [laughs]
Wendy: Right. Who was that? That was so compelling. Oh my gosh.
Jeremy: I don't know if you could find them. We should get him to do more videos. He is—[crosstalk]
Wendy: We should, we should. I think you're right. I think we need that CISO in all of our videos. I'm just saying.
James: I think that's a great idea. And, I think ultimately, it's all about trying to get people thinking about cybersecurity, trying to get people to build those cyber habits both at home and at Yale. Jeremy, taking things back around to the importance of security at Yale, I want to ask you to tell us a little bit about some of the biggest cyber risks that we should be aware of for Yale in 2025.
Jeremy: One of the things that keeps me up at night is the risk of the things that I don't know about. There's so much weird stuff going on at Yale. So, many little labs running older technology, things like that. That's a risk that we spend a lot of time trying to figure out how to get around. How do we figure out what we don't know? So that's a little bit abstract, but when you ask that question, that's the first thing that pops up, because that's what I've been thinking about a lot lately. Social engineering, it's still at the top of the list, especially now that the bad guys can get AI bots to write and tweak the phishing messages for them.
That's why it's so important that we get this hardware authentication rolled out more broadly, because then even if they trick you into giving out your username and password, if they don't have this physical device in the room with them, they can't log in as you. So that's important. And honestly, it's not as flashy, but just as important is regulatory risk, right? So, Yale gets a lot of money and more importantly, a lot of data from these various levels of government. And that money comes with strings attached. Comes in the form of rules and regulations, and we have to follow those or we can lose access to critical research data, and research funding. We're seeing a pattern where these government agencies are recognizing that traditionally organizations have not done a very good job of cybersecurity, and so they're turning up the heat.
And so, what was an acceptable level of security a couple of years ago will not be in the future. The new HIPAA security rule that I was talking about earlier is a great example of where regulators are saying, “Okay, enough is enough.” Letting our data get stolen, and then saying, “Sorry, we'll do better next time” is not going to cut it anymore. So, I think those are some big risks that we have as an organization, risks that are unique to higher ed. And frankly, it's what keeps it interesting and why we do it.
James: Well, one of the things that I appreciate about some of those risks that you talked about is the small technologies, those one-off technologies, and these things that we don't know about. Hopefully, the work that we're doing specifically, Wendy, I, and Jess is educating the community about the importance of working with information security to make sure that we're protecting everything appropriately and that we're really being good stewards of Yale's data and systems.
Jeremy: That's absolutely right.
James: So, we have some opportunity there, wouldn't you say, Wendy?
Wendy: Always an opportunity. Always an opportunity. And as I kind of step back from our conversation, I feel like we're moving in the right direction, we're making progress, there are big issues still to tackle and grapple with. And to your point, Jeremy, about the dynamic, changing nature of the cyber world, there will always be those things. It always feels like we're running to catch up. We have this amazing staff, but 40 people can only do so much.
Jeremy: Yeah.
Wendy: Cybercriminals are always a step ahead of us with the latest thing that they're doing.
Jeremy: Yeah. I mean, that's just the nature of the beast. We have to get it right every time, and they only have to get it right once.
James: So true.
Jeremy: That's what we're up against.
Wendy: So, I'll be really excited to see how things unfold with both risks and the initiatives that we're going to build on from last year's success. And of course, all the things that pop up that we don't even anticipate. So, it'll be really interesting. Jeremy, any last things you want to share with our audience, the Yale community, about cybersecurity at Yale?
Jeremy: I try not to paint a picture of doom and gloom. I hope that's what-- I hope people got that. I think that we can never eliminate risk. That is a mistake. Some people make that they think that cybersecurity is about reducing risk to zero. It'll never be zero. It's about making smart choices, wise investments, not overinvesting, not underinvesting. And that goes for not just our money, but your time. So, we appreciate that you can find some time to commit to this. And I think following a lot of the advice that they get from our awareness program, from both of you, from these podcasts, can really help them dial in what they can do, and it will make a big difference.
James: Yeah, cybersecurity really is a lifelong journey.
Wendy: It is. And I think the essence of that is what can I do? What are the simple things that I can do to help Yale be safe and secure that would pertain to my work? Jeremy, thank you so much. It is so good to have you back in our guest chair. It's been way too long, so we're going to have to do this much more often. That's what I'm taking away from this conversation.
Jeremy: Well, there better not be any more seasons that go by without me. That's for sure. [James laughs]
Wendy: I know, right?
Jeremy: I don't know which season it was, but I'm sure it was the weakest one.
[laughter]
Wendy: Of course, right. And so, I don't know a better way to start off a new season than to have our esteemed CISO join us. And we really appreciate your time. We know you're incredibly busy. We appreciate you coming and joining us and really painting a picture for us of where we've been and where we're going.
[music]
James: Here's the buzz on passwordless authentication. I'm sure most of us would agree that managing our passwords is a bit of a pain. Remembering all those combinations of letters, numbers, and symbols can be a nightmare. And let's be honest, we probably recycle our passwords for different accounts or write them down somewhere, both of which are big security risks. Not to mention, passwords can be cracked or exposed in a data breach. That's where passwordless authentication comes in. It's about using something besides a password to prove you're the real you. Two common examples of passwordless are biometrics and hardware security keys. A form of biometrics we're all likely familiar with is using a fingerprint or facial recognition to access our phone or laptop. That's passwordless authentication in action.
Ultimately, biometrics use our unique physical characteristics, like our fingerprints, faces, or even our voices, to verify our identity. And these unique characteristics become the key. Now, security keys are small USB devices that are like digital keys for our accounts. They work just like a physical key for our house. We need to have it to unlock the door, or in this case, our online accounts. We simply plug the key into our computer or tap it on our phone, and that's it, we're logged in. Security keys also add extra security because they're tied to our specific devices and applications. And because we need this physical key to log in, our accounts are much harder to compromise than when using typical passwords. Of course, there are always trade-offs.
Biometrics can be spoofed and security keys can be lost, but overall passwordless authentication is a promising step towards more secure and more user-friendly authentication. In the meantime, here are some tips for powering up our passwords and ensuring our accounts are protected. Create long and unique passwords for every account. Consider using passphrases to make passwords easier to remember. Don't include information like your name, the name of your family members or your pet's names. Avoid numbers like your birthday, anniversary or other important years. Enable multifactor authentication on all of your important accounts. This adds a second layer of protection beyond a password alone. Consider using a password manager to create complex passwords for all of your accounts. They also make our lives easier by remembering and auto-filling our passwords when we're logging in. And keep listening to the Bee Cyber Fit podcast where we help you to be aware, to be prepared and to be cyber fit.
Wendy: James, I loved this episode today. I love the conversation that we had with Jeremy. It was very eye-opening because many of you are listening and you're thinking, well, what can I do now? I heard about what's happening this year, what Jeremy is excited about, what some of the plans are. What is it I can do though right now to get started I want to share with everyone three simple calls to action. Earlier in this episode we had a quick mention of our New Year, New You campaign. That's our kickoff campaign every winter when we help our Yale community build strong cyber habits. And one thing that you can do is sign up to take part in our challenge which is taking place the whole month of February.
Number two, we have two fantastic events planned for February open to everyone in our Yale community. On February 13th, we have a panel with experts from our Information Security office called Ask Me Anything where you can come and get questions answered about all things cybersecurity. It's going to be an interactive, highly informative session. And on the 26th of February, we are excited to welcome an FBI agent from our local field office in New Haven to join us for an interactive webinar where she will be sharing all kinds of very helpful information, tips, and tricks to thwart the increasing cyber threats that we see. So that's going to be a great session. We hope that you will sign up for both of those and the link is in the show notes.
Finally, we value your input. Every year we have an annual cybersecurity survey. It's a brief survey asking you some questions to help us have an impactful program. We would love to get your feedback about what's working, and what you'd like to see what we could do differently to help you strengthen your cyber muscles. And we are including a link to our brief survey in the show notes as well.
James: That's great. Hopefully, we'll hear from our listeners in our survey, and hopefully, we'll see them during our New Year, New You Challenge, and at those two upcoming workshops.
[music]
And that's all that we have for today. So, until next time, I'm here with Wendy Battles. And I'm James Tucciarone. We'd like to thank everybody who helps make this podcast possible. And we'd also like to thank Yale University where this podcast is produced and recorded.
Wendy: Thanks for listening, everyone. We really appreciate you being here to help us kick off Season 4 of the Bee Cyber Fit podcast. And remember, it only takes simple steps to be cyber fit.
[Transcript provided by SpeechDocs Podcast Transcription]
