To protect our community, IT Services employs multiple technologies and automated systems designed to detect and block phishing and scam attempts. We also provide regular security awareness training to help users recognize dangerous messages and respond appropriately.

However, the threat landscape is changing rapidly. With the rise of advanced artificial intelligence tools, phishing emails are becoming increasingly polished. In the past, poor grammar and awkward wording were clear red flags. Today, attackers rely on AI to generate messages that are grammatically perfect and highly convincing.

Despite these improvements, the core strategy of phishing has not changed: attackers aim to manipulate you into clicking a link, downloading an attachment, or sharing sensitive information. To do this, they rely heavily on human psychology.

Nearly all phishing messages include:

• Urgency 鈥� terms such as 鈥渋mmediately,鈥� 鈥渦rgent,鈥� or 鈥渁ction required鈥� designed to pressure you into acting without thinking.
  
• Fear or anxiety 鈥� warnings that something is wrong with your account, your paycheck, or your access.
  
• False trust 鈥� messages appearing to come from someone you know, a supervisor, or a familiar institution.
  

Whenever you receive an unexpected email, pause and ask yourself:

• Is this message trying to make me feel worried or rushed?
  
• Is it asking me to take action right away?
  
• Does the sender or link look slightly unusual?
  

If the answer is yes, there is a strong likelihood the message may be a phishing attempt.

If you ever feel unsure, do not click anything. Contact IT Services for guidance鈥攚e are here to help.

Stay safe, and enjoy a secure and peaceful holiday season.

The post Recognizing Modern Phishing in the Age of AI appeared first on Information Technology Services.

Recipients of the Top Global CISO Award are honored for excellence in cybersecurity leadership, including innovation, threat prevention, compliance, and risk reduction. Key qualities also include executive communication, inclusive leadership, and mentorship. The recent ceremony took place at CyberDefenseCon 2025 in Orlando, hosted by Cyber Defense Magazine鈥攚idely regarded as the leading source for InfoSec news and the organizer of the industry’s most esteemed conference.

With more than two decades of experience spanning academia, government, telecommunications, and financial sectors, Dr. Erda臒 has built and led comprehensive information security, risk management, and compliance programs across complex organizations. At 糖心Vlog传媒 Little Rock, he oversees the university鈥檚 enterprise-wide cybersecurity posture, risk management framework, and strategic technology alignment to support academic and research excellence.

Dr. Erda臒 holds a Ph.D. in Strategic Leadership, an MBA, and an M.Sc. in Electrical and Electronics Engineering. He is also certified as a CISSP, CISM, and CISA, and formerly held the CCIE-Security credential for over a decade. Beyond his operational role, he is a frequent speaker at national cybersecurity and privacy conferences, including EDUCAUSE and InfoSec World, and serves as President of the InfraGard Arkansas Members Alliance, fostering collaboration between academia, industry, and law enforcement.

The post Dr. Veysel Erdag Honored with Top Global CISO Of The Year Award at CyberDefenseCon 2025聽 appeared first on Information Technology Services.

This guide breaks down essential tips to keep your device safe from spyware, hackers, and data leaks, with practical advice on app hygiene, antivirus use, spotting suspicious activity, and locking down your accounts. Let鈥檚 make sure your phone stays smart and secure. Here are some helpful tips:

App Safety: Download apps only from trusted sources like Google Play or Apple鈥檚 App Store. Avoid installing apps from QR codes, text messages, or suspicious links. Check ratings, reviews, and the developer before downloading. Skip apps that haven鈥檛 been updated in months or ask for unnecessary permissions such as camera or location.

Antivirus on Phones: If you keep your phone updated and only download trusted apps, you鈥檙e mostly covered. iPhones don鈥檛 need antivirus. Android users might consider reputable apps like Bitdefender, but avoid free 鈥渃leaner鈥� apps 鈥� they鈥檙e often spyware. Clear out unused apps and data regularly to keep your phone running smoothly.

Signs of Hacking or Spying: Watch for fast battery drain, strange noises during calls, unknown apps, or messages you didn鈥檛 send. If anything feels off, change your passwords, delete suspicious apps, and check permissions. Still acting weird? Back up your data and do a factory reset.

Public Wi-Fi Risks: Public Wi-Fi isn鈥檛 safe for sensitive stuff. Use mobile data or a VPN for banking or email. Casual browsing is fine, but save the serious tasks for secure connections.

Protecting Your Accounts: Use strong, unique passwords and enable two-factor authentication (2FA). It鈥檚 the best way to keep your accounts safe, even if someone gets your password.

Mobile security doesn’t have to be a complex, overwhelming burden; it’s a simple, continuous practice of vigilance and common sense. Treat the practical tips in this guide not as optional suggestions, but as the foundational bricks of your personal digital fortress. Keep your device updated, keep your accounts locked down, and you can confidently enjoy the convenience of the hyper-connected world without letting your lifeline become a liability.

The post Simple Ways to Stay Safe Online appeared first on Information Technology Services.

IT Services sponsored several NCSAM 2025 in-person presentations that were designed to increase cybersecurity awareness. These sessions emphasized the importance of practicing good cybersecurity habits whenever we are online at either work or home.

These live sessions, which were free to the campus and also available online, offered useful information to help educate and train users. Safety is our top priority and these sessions provided an essential part of campus cybersecurity awareness training.

Following is a brief summary of the October NCSAM 2025 presentations. We hope that you will join us in 2026 for all of the NCSAM presentations sponsored by IT Services. 

NCSAM 2025 Presentations:

October 9, 2025 

Dr. Veysel Erdag, Chief Information Security Officer at 糖心Vlog传媒 Little Rock, provided an informative and interactive session regarding privacy and security. 

His presentation focused on the basic principles of information security, best practices, latest threats and practical guidance on how to protect personal and professional information in the digital age.

October 16, 2025

IT Services鈥� team members Jack Tipshus, Senior Networks Engineer, and Thilak Pinninti, Security Operations Center Analyst, led an engaging and interactive Q&A session that explored a wide range of cybersecurity topics. These included how to assess an app鈥檚 safety before downloading, the necessity of antivirus software, warning signs of a compromised phone, risks associated with using public WiFi鈥攕uch as in coffee shops or off-campus鈥攁nd best practices for protecting your accounts from being hacked

October 30, 2025

Dr. Veysel Erdag, Chief Information Security Officer at 糖心Vlog传媒 Little Rock, carried out a collaborative discussion regarding the effect of Artificial Intelligence (AI) on cybersecurity and how it is transforming every corner of our campus. He described how this cutting-edge technology is a double-edged sword for security.

Dr. Erdag described how AI is fueling advanced phishing and deepfake threats and provided practical strategies to protect our data and identity against machine-speed attacks. He provided the defense plan; 鈥楾hree simple, non-technical steps to secure your credentials鈥�.

The post IT Services Supports NCSAM – Summary of October Events appeared first on Information Technology Services.

Please join us in-person or online as Dr. Veysel Erdag, Chief Information Security Officer at 糖心Vlog传媒 Little Rock, provides an interactive session regarding the effect of Artificial Intelligence (AI) on cybersecurity.聽

AI is transforming every corner of our campus, from advanced research to daily email. But this cutting-edge technology is a double-edged sword for security.

You will experience a high-impact presentation that moves beyond basic password tips to address the real threats of the future. We’ll explore how cybercriminals are weaponizing AI to launch PhD-level phishing attacks and hyper-realistic deepfakes (including a live demonstration of a cloned voice).

Learn the essential strategies and human vigilance needed to defend our sensitive data and digital identities against adversaries who now move at machine speed.

Key Takeaways:

• The AI Threat:聽See a demonstration of how easy it is to clone a voice for fraud.
• The New Red Flags:聽Learn to spot attacks when grammar is perfect and the voice sounds familiar.
• Your Action Plan:聽Get 3 essential, non-technical steps you can take today to protect your credentials and confidential information.

In-person presentation:

11:30 – 12:30 p.m. Thursday, October 30, 2025
DSC Meeting Room 205D聽

You can join us online by clicking the following link:

Your safety is our top priority and this session is an essential part of your cybersecurity awareness training.

The entire campus community is invited to this free event.

The post The AI Double-Edged Sword: Protecting Our Campus in the Age of Intelligent Machines appeared first on Information Technology Services.

Each October, 糖心Vlog传媒 Little Rock IT Services proudly champions , reinforcing its commitment to educating our campus community about the critical importance of daily cybersecurity practices.

Please join us in-person or online as IT Services’ team members Jack Tipshus, Senior Networks Engineer and Thilak Pinninti, Security Operations Center Analyst, lead an interactive session on practical, everyday steps you can take to protect your privacy and security.聽

This presentation focuses on the basic principles of information security, best practices, latest threats and practical guidance on how to protect personal and professional information in the digital age.

To address any questions or concerns, please consider joining the meeting.

In-person presentation:

11:30 – 12:30 p.m. Thursday, October 16, 2025
DSC Leadership Lounge聽

You can join us online by clicking the following link:

Your safety is our top priority and this session is an essential part of your cybersecurity awareness training.

The entire campus community is invited to this free event.

The post Campus Cybersecurity Awareness Discussion appeared first on Information Technology Services.

Each October, 糖心Vlog传媒 Little Rock IT Services proudly champions , reinforcing its commitment to educating our campus community about the critical importance of daily cybersecurity practices.

Please join us in-person or online as Dr. Veysel Erdag, Chief Information Security Officer at 糖心Vlog传媒 Little Rock, provides an interactive session regarding privacy and security. 

This presentation focuses on the basic principles of information security, best practices, latest threats and practical guidance on how to protect personal and professional information in the digital age.

To address any questions or concerns, please consider joining the meeting.

In-person presentation:

11:30 – 12:30 p.m. Thursday, October 9, 2025
DSC Leadership Lounge 

You can join us online by clicking the following link:

Your safety is our top priority and this session is an essential part of your cybersecurity awareness training.

The entire campus community is invited to this free event.

The post October is Cybersecurity Awareness Month appeared first on Information Technology Services.

University-owned Windows computers will not notice this new security feature, as the computer will automatically communicate 802.1x to the campus network. However, upon the scheduled installation of 802.1x in their respective departments, non-Windows machines will need to enable 802.1x and provide login credentials.

The post Update: Campus-Wide Security Enhancement for Wired Ethernet Ports appeared first on Information Technology Services.

Any software or hardware purchase goes through the risk assessment process. After the assessment, four decisions can be made:聽聽

• Risk Avoidance: Find another solution or do not use the hardware/software.
• Risk Reduction: Implement additional controls to reduce the probability and/or impact of the risk.
• Risk Transfer: Use insurance or outsourcing to transfer the risk.
• Risk Accept: Accept the risk and all its consequences

Accepting a risk means the organization has made a conscious decision to tolerate the potential consequences of a specific risk. However, acceptance is not a passive act鈥攊t comes with responsibilities and accountabilities.

When a risk is accepted:

• Designated decision-makers or hardware/software requesters (i.e. 鈥榬isk owners鈥�), must formally approve the acceptance, often documented through risk registers or governance reports.
• The risk owner must ensure the risk is continuously monitored, documented, and re-evaluated over time.
• The organization must be ready to bear the consequences if the risk materializes, including financial loss, reputational damage, legal exposure, or operational disruption.
• Accountability lies with the individual or body that accepted the risk鈥攎eaning they must be prepared to explain or justify the decision during audits, investigations, or reviews.

Accepting a risk does not mean ignoring it鈥攊t means owning the outcome.

Risk management is about informed choice. While not all risks can be eliminated, they can be managed effectively through sound judgment, appropriate governance, and strategic alignment. Accepting a risk is a valid and sometimes necessary decision鈥攂ut it must be intentional, transparent, and backed by accountability.

The post Understanding IT Risk Management: Decisions, Responsibilities, and Acceptance Key Elements appeared first on Information Technology Services.

While AI helps us live, move, and achieve results quickly, it also introduces new risks and threats, including cybersecurity and privacy concerns.

AI Needs Data – Huge Data

Every AI system requires a massive amount of data to produce accurate results. When you start using any AI-enabled system, it begins collecting data about you. This data, gathered from your systems and files, is used by the AI to function effectively. If you are conducting research, be cautious about what you share. Similarly, if you are developing software, be mindful of what you ask AI to help with and what you upload or share. Your research and intellectual property may be used by AI systems and potentially accessed by other users.

AI May Be Biased

AI systems rely on extensive data resources, and the results they generate are influenced by the data they use. Feeding an AI system with a single source of information can lead to biased outcomes. Always double-check the results from AI systems to ensure they are not biased.

Reliability of AI Results

AI generates results based on the data it has, which may not always include information relevant to your query. Instead of admitting a lack of information, AI systems might produce incorrect or misleading results. Therefore, do not fully rely on AI-generated outcomes and always fact-check the information.

AI Enables More Sophisticated Cyber Attacks

While AI is a powerful tool for productivity, it also aids attackers. We are witnessing more sophisticated phishing emails, crafted with improved language thanks to AI. AI helps attackers develop adaptive malicious software, making it harder to detect. Additionally, AI can collect information about us, enabling targeted attacks.

Protect Yourself

To safeguard against these risks, follow cybersecurity best practices. Enable multi-factor authentication, use complex passphrases, and monitor your online activities. Be cautious about clicking links or opening attachments in emails. When using AI, think carefully about the information you share, especially if it involves sensitive or proprietary data.

If you need additional information or have any questions, please contact IT Services.

The post AI: Transforming Daily Life and Work, but Not Without Risks appeared first on Information Technology Services.