Welcome to UWA Cyber Security
Cyber Security is a body of technologies, processes and practices designed to protect data and other digital assets from cyber-attacks, damage or unauthorised access.
University data can contain sensitive information such as intellectual property, financial data or personal information that all members of the UWA community have a responsibility to protect.
Our services are available to all members of the UWA community, helping you protect your and the University's data and digital assets.
Cyber Security awareness and trainingProviding awareness training, including face-to-face workshops and presentations to staff on cyber security risks and good practices
Cyber Security consultation servicesAssessing the potential security risks and exposures of your project, systems, applications and proposed third-party contracts
Identifying pragmatic safeguards to assist you deliver your goals in a secure manner
Assisting with interpretation and application of security policies and guidelines
Cyber Security incident mitigation and responseResponding to cyber security threats, vulnerabilities and incidents.
Conducting post-incident analyses to identify root causes and determine appropriate mitigating controls.
You may request the above cyber security services through the University IT Service Desk. Call ext. 1515 (+61 8 6488 1515) or email firstname.lastname@example.org.
We work closely with the University's Information Governance Services to enable 360° information security. If you would like to know more about information classification and handling, privacy, record keeping and retention, please visit the Information Governance Services website
Policies and standardsAt the heart of our cyber security efforts is the mission to enable users of the University’s IT assets and services, our students, staff or third parties, to do their business and achieve their goals in a secure manner. In turn, everyone has to be aware of certain security responsibilities and the role we all play in maintaining adequate security. Our policies define the principles that the University Community must follow when using UWA IT systems and services.
Acceptable Use of IT PolicyIT assets and services of UWA are shared resources that underpin teaching, learning, research and core business activities. The Acceptable Use of IT Policy details your personal security requirements when using IT to maintain a secure, ethical, productive and reliable IT environment for the benefit of all of us.
Cyber Security PolicyUWA recognises that cyber security is a fundamental enabler of its mission and strategies. Without secure and reliable information, we cannot provide world-class education, trusted research and community engagement. The Cyber Security Policy commits the University to preserving the security of its IT assets and services, and expresses risk-based cyber security principles.
Cyber Security Management FrameworkThe Cyber Security Policy mandates the development and implementation of a Cyber Security Management Framework (CSMF) that provides detailed requirements for the protection of IT assets and services. This University IT Standard is based on the ISO27001 Standard to leverage industry best practices, benchmark security performance and enable continual improvement.
Cyber Security Guidelines
Protect your digital self
- Email scams and phishing
- Think before you click! Learn about how to identify email scams and phishing attacks, which are designed to steal personal information or gain access to University systems.
- Safe Internet browsing
- Learn about the steps you can take to stay safe and protect your personal information when you are browsing the Internet.
- Protect your passwords
- One of the most common forms of cyber-attack is via weak passwords. Is your password weak and are you following good password practice?
- Travelling with electronic devices
- If you are travelling for business or personal reasons it is imperative you take extra caution when using your mobile devices.
Protect your devices
- Avoid malware infection
- What is malware and how do you avoid becoming a victim? Learn what steps you can take to identify and protect your devices and University information.
- Secure your devices
- Get familiar with some basic steps that you can take to ensure your computer and other devices you use are protected from a cyber-attack.
- Protect your sensitive data
If you need to transfer or share sensitive data, follow these simple steps to ensure only authorised people have access to University or personal information.
Protect your University
- Acceptable Use of IT Brochure
- Here is a printable brochure explaining the requirements of the Acceptable Use of IT Policy.
- Accessing regulated digital content from University networks
Learn how to request access to websites considered as regulated digital content.
How to report a cyber security incidentYou can call the IT Service Desk on ext. 1515 (+61 8 6488 1515) or email email@example.com to report an incident.
If you wished to make an anonymous complaint or disclosure, you may submit your report through the Complaints portal.
How to identify a cyber security incidentAny attempted or successful unauthorised access, disclosure, or misuse of University computing systems, data or networks (including hacking and theft) can be considered as a cyber security incident. It may involve:
• a violation of IT Policies or Standards
• device loss or theft - personal or University owned
• unauthorised computer or system access
• loss of information confidentiality
• loss of information availability
• compromise of information integrity
• a denial of service condition against data, network or computer
• misuse of service, systems or information
• physical or logical damage to University devices and equipment
• tempering with the configuration of University devices and equipment
• presence of a virus or other malicious program, including alerts from your antivirus software that your computer may have malware
• sudden appearance of unexpected/unusual programs
• posting of confidential/restricted data to a publicly accessible website
• inadvertent sending of restricted data to unauthorised recipients
• establishment of an unauthorised accounts for a computer or application
• unusual network connections to a computer or an application
• sharing or revealing of University account passwords
Security Tip of The Day
- Personalized Scams
- Tue, 22 Oct 2019 00:00:00 EST
- Cyber criminals now have a wealth of information on almost all of us. With so many hacked organizations now a days, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number or birth date in it does not mean it is legitimate.
- Read more
- Mobile Apps
- Mon, 21 Oct 2019 00:00:00 EST
- Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.
- Read more
- [Information] - VPN "Virtual Private Network"
- Published Tues, 10 April 2018
- Read more
- [Information] - IoT "Internet of Things"
- Published Wed, 14 March 2018
- Read more
- [Advisory] - Meltdown and Spectre vulnerabilities - what you need to know
- Published Wed, 31 Jan 2018
- Read more
- [Advisory] - Global ransomware campaigns - "Petya" and "NotPetya"
- Published Wed, 28 Jun 2017
- Read more