Notice: This article is more than one year old and is part of the Henry Ford College news archive. Information in the article may be outdated. For the most current news and information about Henry Ford College, please visit hfcc.edu/news, or contact communications@hfcc.edu.
Release Date: 
Thursday, November 17, 2022

Cybersecurity Awareness Training for all employees

Lock symbol and microcircuit security illustration on laptop background.

HFC’s IT department recently ran a simulated phishing security test to determine how the College would react if a real phishing attack were to occur.

Phishing is a type of cybercrime where hackers try to trick users in order to gain access to sensitive information, such as usernames and passwords, by pretending to be a person or organization HFC employees trust. To avoid being caught by spam filters, hackers typically send phishing emails in bulk to a variety of people and organizations.

Cybercrime is getting more serious and hard for users to identify. Hackers are getting better at tricking people into clicking on fraudulent links or opening malicious attachments in emails. Phishing attacks can even be sent to your personal email. More than 90% of breaches begin with an e-mail.

Defending HFC against cybercrime

The percentage of users who clicked on the link in a recent simulated attack was 3.6%.

While these results are very good on a blind simulated test, additional measures will be implemented to help prepare us for any real-life scenarios.

To help combat the ongoing problem of phishing, HFC has decided to enroll all employees in comprehensive cybersecurity awareness training. Security is everyone’s job. You are the last line of defense for helping keep our organization safe.

“There is a saying in many security organizations that the good guys have to win every time, the bad guys only have to win once,” said HFC Director, Network and IT Infrastructure Joe Zitnik. “Cybersecurity awareness training is about doing our best to make sure we are doing all we can to protect the college from cyberattacks.”

Cybersecurity training, and simulated phishing tests

Be on the lookout for an e-mail that training has been assigned from “KnowBe4”, and the URL will begin with https://training.knowbe4.com/login.

In the near future, ITS will send an email to invite you to participate in this training. In addition to security training, ITS will continue to send out simulated phishing tests so that you can practice the skills you will learn during your training.

General cybersecurity guidelines to keep top-of-mind:

  • HFC ITS will never send you an email asking you to provide your password, or to verify your account.
  • Email from internal people like the College President, HFC Communications, HR, or one of the Vice Presidents regarding HFC business will ALWAYS come from an @hfcc.edu address.
  • Be especially careful opening documents or links within emails that you were not expecting.
  • Read links carefully. Bad guys like to switch characters, add additional characters, or omit characters from common links, thinking you won't notice the typos.
  • Please participate in cybersecurity training when we send it to you.

If you have reviewed all of the above and completed the training and you still have a question about a specific email, contact the Help Desk for assistance.

For questions or more information about cybersecurity training, contact Zitnik at jzitnik@hfcc.edu.