News & Events

Artificial Intelligence (AI) is quickly becoming part of everyday life at Syracuse University. Faculty are using it to accelerate research. Staff are exploring ways it can improve processes and efficiency. Students are experimenting with it to learn, create, and problem-solve in new ways. AI has the potential to open doors we’ve only just begun to imagine. 

With that opportunity comes responsibility. Just like email, cloud computing, and mobile devices transformed how we work and learn, AI brings both benefits and risks. The good news is that with a few mindful practices, we can make the most of this technology while staying secure. 

Here are a few things to keep in mind as we embrace AI on campus: 

• Use the right tools. The University is investing in licensed AI platforms that are safer and more reliable than consumer-grade, free alternatives. Using approved tools helps protect both your information and the University’s data. 

• Protect your inputs. AI is only as safe as the data you give it. Avoid entering personal information, student records, or confidential research into any AI system unless it has been cleared for that use as shown in the University’s Artificial Intelligence Guidelines. 

• Stay alert for “AI-powered” scams. Just as we use AI for good, attackers can use it to make their phishing emails, phone calls, and fake websites more convincing. The basics still apply: slow down, double-check, and verify before acting. 

AI is an exciting part of Syracuse University’s future, and your awareness helps us use it responsibly. By combining innovation with security, we can lead with confidence—showing not just what’s possible, but what’s possible safely. 

Thank you for being part of this journey. 

— Christopher Croad
Chief Information Security Officer
Syracuse University 

In the summer of 2024, news spread quickly across the security world: a leak called RockYou2024 had spilled more than 10 billion passwords onto the internet. Imagine that number for a moment, 10,000,000,000. Billions of keys to people’s digital lives, some fresh, some stolen long ago, sitting in a massive pile for anyone to sift through. Many were laughably simple, like 123456 or qwerty. Others were reused again and again across accounts, unlocking not just one account but entire chains of them. Some had been left unchanged for years, quietly waiting for someone to take advantage. 

The danger wasn’t theoretical. Attackers armed with even a fraction of those passwords could break into email, bank accounts, or university systems. From there, they might steal data, send convincing phishing messages, or move deeper into sensitive networks. RockYou2024 wasn’t just another breach, it was a reminder of how much damage weak habits can cause. 

At Syracuse University, the InfoSec team works hard to make sure that one careless password doesn’t open the door to bigger problems. Multi-factor authentication acts like a second lock, so even if a password leaks, it can’t easily be used. Security monitoring spots strange patterns, like impossible travel or repeated login attempts, and the team moves fast to contain threats. Password rules are in place to make guessing harder, and ongoing awareness campaigns remind the community not to fall into the trap of reusing the same old credentials. 

But the truth is, technology alone can’t carry the load. Each of us has a part to play. Choosing a long, unique passphrase, something quirky and personal like Otto!Has2Dance, adds serious strength to an account. Updating old or weak passwords cuts off opportunities for attackers and enabling MFA wherever possible slams the door on many account takeover attempts. 

The RockYou2024 breach showed just how vulnerable predictable human behavior can make us. Yet it also showed how preventable much of this is. Stronger habits don’t just protect one person; they protect the entire Orange network. Security is only as strong as its weakest password. By locking down yours, you’re helping to safeguard the whole community. 

Contact the ITS Service Center if you need help. 

Visit securecuse.syr.edu for more information on security practices at Syracuse. For assistance, call the ITS Service Center at 315.443.2677 or email help@syr.edu.

Cybersecurity is often talked about in terms of rules, tools, and tech jargon. However, as a culture of security is created and maintained by people an unexpected humanistic element plays a large part in creating a strong security culture: empathy. 

Yes, empathy. That very human skill we use every day on campus: when a professor helps a struggling student, when a staff member supports a colleague after a tough week, or when a student offers a friend a listening ear during finals. Empathy helps us connect, collaborate, and thrive. 

And it also helps us stay secure. 

Security is Personal 

Last semester a staff member woke up to an inbox flooded with thousands of messages. Their email client slowed to a crawl and real emails were buried, and office workflows. They worried about the fallout, about missing real emails and what they may have done to cause this to happen, they hadn’t done anything. 

Another time, a student was misled into believing that their Microsoft account would be turned off during midterms. This led to their account being compromised and a phishing email being sent from their account. It was an honest mistake, as bad actors are very convincing and take advantage of people’s fears. It was both stressful and embarrassing for the student to deal with the aftermath of this occurrence. 

In both cases, no one was trying to be careless. They were busy, trying to keep up with their day, and seemingly targeted as someone with a digital presence online, just like the rest of us. 

The difference in how we respond to these situations is what defines our campus culture. When we lead with empathy, we stop shaming people for making mistakes and start building a stronger, more supportive security mindset. 

Why Empathy Makes Us Safer 

Cybersecurity isn’t just about firewalls and password managers. It’s about how we treat each other when something goes wrong, and how willing we are to speak up and support one another before things go wrong. 

Empathy helps us: 

• Encourage questions, even when someone feels unsure 

• Foster a culture where people report mistakes quickly, without fear 

• Teach others with patience instead of frustration 

• Recognize that everyone from students to the administration, can be a target of scams 

Security is a shared responsibility. Here’s how empathy helps us all take part: 

• Think before you click
  If something seems off in an email, slow down. Ask a colleague, reach out to IT, or report it. Better to double-check than regret it later. 

• Be supportive
  If someone falls for a phishing scam or makes a security mistake, resist the urge to blame. Instead, help them report it and see it as a learning moment for everyone. 

• Report suspicious activity
  When you speak up, you might prevent the same thing from happening to someone else. You’re not overreacting, you’re protecting the community. 

• Keep learning
  Take the time to go through university provided training or tips. Even a few minutes can help you learn something new or bolster security skills you already have. 

Empathy may not be a security tool you can download, but it might be the most powerful one we have. When we treat cybersecurity as a shared, human responsibility, everyone wins. 

Let’s protect each other not just with strong passwords, but with stronger support, understanding, and care. 

Contact the ITS Service Center if you need help. 

Visit securecuse.syr.edu for more information on security practices at Syracuse. For assistance, call the ITS Service Center at 315.443.2677 or email help@syr.edu.