Take Action Today!


ASU Information Security Office

ASU Information Security Office's Mission
Arizona State University’s Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information resources while preserving and nurturing the open information-sharing requirements of its academic culture.

ASU Information Security Office's Vision

  • Embed information security into the culture of ASU
  • Ensure alignment of the information security program to the University's mission
  • Increase visibility into the University’s security posture

For additional information, please read more.

2020 IT Risk Assessment

The IT Risk Assessment process is a university-wide review of 30+ ASU units conducted yearly within a 3-year cycle to inform the strategic security focus of the university.

For additional information on this year’s review, please read more.



  • US-CERT Current Activity
    The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
  • Internet Crime Complaint Center (IC3)
    The Internet Crime Complaint Center (IC3) is an alliance between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI). IC3’s mission is to address crime committed over the Internet.
  • Microsoft Security Bulletins
    Microsoft security bulletins provide information & news about computer vulnerabilities and security updates to keep your computer protected.
  • Apple Security Updates
    This document outlines security updates for Apple products.
  • Oracle Critical Patch Updates, Security Alerts and Third Party Bulletin
    This page lists announcements of security fixes made in Critical Patch Update Advisories and Security Alerts, and it is updated when new Critical Patch Update Advisories and Security Alerts are released.

Protecting Against Phishing

What is Phishing?

Phishing, in a nutshell, is the online version of a con-job. The perpetrators of phishing messages are essentially tech-savvy con-artists. In a phishing scam, these con-artists send out messages and emails that "look" legitimate, hoping to trick the unsuspecting user into giving out their personal information, including usernames and passwords, and allowing the perpetrator to conduct identity theft.

Read more

Phishing Scam - CARES Act

Submitted by btwoods on June 24, 2020 - 8:49am

Arizona State University has been made aware of a phishing email that is currently circulating to our students. It references the Coronavirus Aid, Relief, Economic Security (CARES) Act and asks students to provide personal information. Please be advised that this is NOT an email from ASU’s Financial Aid and Scholarship Office and no action should be taken.

For reference, here’s the link to the phishing email. 

High Risk attacks following the COVID-19 Pandemic

Submitted by btwoods on March 19, 2020 - 11:15pm

Public Service and Healthcare organizations have been a prime target for cyber attacks in recent years. Within the emergence of COVID-19, these critical organizations have seen a rise of attention from cyber threat actors. Not only is the nature of the sensitive data appealing, but the critical functions they serve. A breach into these institutions could have devastating effects on those in need and of the life-sustaining services provided by these organizations.

COVID-19 Map Malware

Submitted by btwoods on March 16, 2020 - 10:22am

As the university leadership has been closely following events and recommendations surrounding the outbreak and spread of the novel coronavirus (COVID-19), it is important to not only stay physically healthy, but online as well.