Communication Plans & Protocol

COMMUNICATION PLANS
1. Internal Communication:
Regular team meetings to discuss project updates, challenges, and achievements.
Utilize collaboration tools (e.g. Microsoft Teams) for real-time communication and file sharing.
Quarterly unit meetings to share updates and gather feedback from team members.
Regular update on new technology and emerging innovative devices to improve quality of multimedia service delivery.
 
2. External Communication:
Establish a dedicated email address and contact point for external inquiries and feedback.
Maintain an active presence on social media platforms to showcase projects, achievements, and job opportunities.
 Participate in industry events, conferences, and webinars to network and promote the unit’s capabilities.

COMMUNICATION PROTOCOL
1.  Email Communication:
Use clear and concise language in email communication.
 Include relevant subject lines and action items for quick reference.
 Follow up on important emails to ensure timely responses.
 
2. Hard copy memoranda:
Establish a standardized format for hard copy paper memos, including headings, date, recipients, sender’s name, and signature fields, etc.
 
a.  Distribution List:
Maintain an up-to-date distribution list for paper memos to ensure that the right individuals receive the information in a timely manner.
  
b.  Tracking and Recording:
Implement a system for tracking and recording the distribution of paper memos, including acknowledgement of receipt and any follow-up actions required.
c. Enforce strict confidentiality measures for sensitive information included in paper memos, such as handling procedures and secure storage.
d. Archiving and Retention: Establish guidelines for the archiving and retention of paper memos, including storage duration and disposal procedures in compliance with data protection regulations.
e. Version Control: Maintain version control for paper memos by including a version number or date to ensure that the most recent information is being referenced.
 
3.  Meeting Etiquette:
Start meetings on time and adhere to the agenda to maximize productivity.
Assign roles (e.g., facilitator, timekeeper) to ensure efficient meeting management.
Encourage active participation and respectful dialogue among team members.
4.  Feedback Mechanisms:
Implement regular feedback sessions to gather input on communication effectiveness and areas for improvement.
 Provide avenues for anonymous feedback to encourage candid responses.
Act on feedback promptly to address concerns and enhance communication practices.

INTERFACING AREAS WITH COMSIT UNITS AND UNIVERSITY COMMUNITY
This communication plan outlines strategies for informing university stakeholders (faculty, staff, students, management and relevant organs of the COMSIT) about the cybersecurity landscape and its implications for the university. Effective communication fosters awareness, promotes responsible behaviour, and strengthens the overall cybersecurity posture and assures that the university is pro-active.
Target Audiences:
COMSIT Director: Present a comprehensive overview of the cybersecurity landscape, risks facing the university, and mitigation strategies implemented by the cybersecurity unit.
COMSIT Units: this is of great priority for the relevant Units of COMSIT to be adequately informed about the activities of the cybersecurity at all time. A robust and real time information sharing platform should be developed to foster seamless vertical and horizontal exchange of cybersecurity incidents as well activities for ease of monitoring.
Staff: Educate them on common cyber threats, best practices for protecting university data, and reporting procedures for suspicious activity.
Students: Raise awareness of cyber risks they may encounter, guide them on secure online behaviour, and emphasize responsible use of university IT resources.
Collaboration with Faculties and Centers on Multimedia Innovations
Establish liaison officers in each faculty and center to facilitate communication and identify multimedia needs.
Conduct regular meetings with faculty representatives to gather feedback and ensure alignment with their requirements.
Offer customized training and support to faculty and staff on using multimedia tools and resources.

Communication Channels:
Email Campaigns: Send regular email campaigns with cybersecurity tips, updates on emerging threats, and reminders about security policies.
Training Sessions: Organize workshops and training sessions tailored to different stakeholder groups, covering topics like phishing awareness, password hygiene, and data security best practices.
Website: Create a dedicated webpage on the university website with cybersecurity resources, FAQs, reporting mechanisms for suspicious activity, and contact information for the cybersecurity unit.
Social Media: Utilize university social media platforms to share cybersecurity awareness messages and promote upcoming training sessions. Other available social platforms can as well be explored for an effective alert system incase of emergency.
Faculty/Staff Meetings: Incorporate cybersecurity awareness discussions into regular faculty and staff meetings.
Campus Events: Organize cybersecurity awareness events and campaigns throughout the year to keep the topic at the forefront.
Security incidents Simulation: this is a systematic approach to evaluate the security posture in order to facilitate further improvement.
Communication Messages:
Tailored Content: Adapt communication messages to resonate with each stakeholder group. Focus on the specific risks and responsibilities relevant to each audience.
Clear and Concise Language: Avoid overly technical jargon. Use clear and concise language that everyone can understand.
Focus on Impact: Highlight the potential consequences of cyberattacks on the university and individuals (data breaches, privacy violations, disruptions).
Call to Action: Clearly outline the desired actions stakeholders should take to improve cybersecurity (participate in training, report suspicious activity, practice secure online habits).
Positive Reinforcement: Recognize and appreciate faculty, staff, and students who demonstrate responsible online behaviour and report suspicious activity.



Shared Resources and Expertise:
Cross-training Opportunities: Provide opportunities for staff in different ICT units to receive cross-training on cybersecurity basics and relevant security tools.
Shared cybersecurity Resources: Maintain a central repository of security resources, best practices documents, and incident response procedures accessible to all ICT units.
Joint cybersecurity Projects: Collaborate on security projects that benefit the entire university, such as implementing multi-factor authentication or data encryption across all ICT systems.
Code vulnerability expert: also known as a security analyst, security engineer, or penetration tester, is a cybersecurity professional who specializes in identifying and mitigating security weaknesses in software code. They possess a deep understanding of programming languages, software development practices, and common security vulnerabilities.
Alignment with ICT Directorate Goals and strategies of ISMS:
Understand Directorate Goals: The cybersecurity unit should understand the overall goals and priorities of the ICT directorate. This helps tailor security strategies to support and not hinder the directorate’s objectives.
Risk-Based Approach: Prioritize cybersecurity efforts based on risks identified across the university, considering systems and data managed by other ICT units.
Security Champions: Identify and empower security champions within other ICT units to promote security awareness and best practices among their colleagues.
Benefits of Congruence:
Improved Security Posture: Collaboration and information sharing lead to a more comprehensive and effective security posture for the university.
Reduced Risk of Cyber Attacks: A unified approach to security makes the university less vulnerable to cyberattacks.
Enhanced Efficiency: Integration and automation can streamline security processes and reduce duplication of effort across ICT units.
Improved Communication: Clear communication fosters trust and collaboration between the cybersecurity unit and other ICT units.
By fostering a collaborative and integrated approach, the cybersecurity unit can achieve congruence with other units within the ICT directorate, leading to a more secure and resilient university IT environment.
Conclusion:
This document has provided a deep insight to the blueprint for university of Ilorin cybersecurity unit with focus on development on plans to attain some long term plans. The document is based on best practices in the global IT sector using the principles in Information Security Management System ISMS and The National Institute of Standards and Technology (NIST) frame works.