When it comes to staying secure online, there are a lot of myths out there. It can be hard to deduce what’s fact or fiction. As our real and digital lives become more intertwined, knowing the truth is more important than ever.

Here are three common myths to consider.

Myth: Cybersecurity is just for technical people

No, cybersecurity is for everyone.

We all have assets worth protecting — money, family, jobs, data, reputations. And while many protections are working for us behind the scenes, it’s not enough. The 2025 cybersecurity attitudes and behaviors study from the National Cybersecurity Alliance (NCA) and CybSafe showed 50% of respondents assume their devices are automatically secure.

Know that you are in the driver’s seat. It’s important to be proactive in securing your assets. Subscribe to OIT News for monthly security tips.

Myth: If I fall for phishing, it only affects me

Just one compromised NC State account puts the whole university at risk. Within minutes, a cybercriminal can use your credentials to access university resources, steal sensitive data or send more phishing emails from your email address.

Protecting yourself also means protecting our campus community.

Myth: Staying secure is too overwhelming

If it feels like information overload, you’re not alone. In the NCA and CybSafe study, nearly half of those surveyed last year said they often feel overwhelmed and confused by security information.

But you don’t have to do it all. Focus on these priorities:

• Phishing: Always remember to be suspicious, take your time and ask for help. Learn more about phishing.
• Passwords: Use a long, unique password for every account. And keep track of them with a password manager.
• Software Updates: Install device and app updates as soon as possible. Better yet, turn on automatic updates. These updates protect from bugs and vulnerabilities.
• Multifactor Authentication: At NC State, you’re required to use Duo as an added layer of protection when logging in to university services. Be sure to set up multifactor authentication for all accounts, even personal ones.

Help

The Office of Information Technology is in your corner. There are lots of ways to get in touch with us.

• Report phishing directly to our Cybersecurity Operations team using Gmail’s built-in reporting feature:
  • On a computer, open the suspicious email.
  • Click the More option (three vertical dots) at the top-right corner.
  • Select Report phishing.
• Attend First Fridays: OIT Training Office Hours to chat with our training team about your basic cybersecurity questions.
• Contact the NC State Help Desk via the NC State IT Service Portal or call 919.515.HELP (4357).