Shermie: Hi, everyone, my name’s Shermie. I’m the mascot and Predictably Awesome IT Ambassador for navitend. Today, we’ll learn more about malware and best practices you can follow to prevent it from wreaking havoc on your organization.
Coach: All right, team, it’s time for our pregame huddle!
Player #1: What’s the plan, coach?
Coach: All right, everyone, remember that the Spiders have the best three-point average in their division. If our defense isn’t strong enough, they can capitalize and win this game in a runaway. We made it to the Big Dance, but if we lose, we won’t advance to the next round.
Player #2: Good talk, sir.
Coach: OK. All right – “Shields” on three. Ready?
Coach and Players: One, two, three, Shields!
Coach: Who are you?
Shermie: My name’s Shermie, and I’m here at Madison Square Garden for the first-round game between the Northeast Cybersecurity University Shields and the Malware State College Spiders.
Coach: OK. The tipoff’s in five minutes.
Shermie: Well, I finally made it to my seat. This is going to be a great game. Go, Shields, go!
Announcer: Welcome to Madison Square Garden for Round 1 of March Madness 2026. Tonight, the Northeast Cybersecurity University Shields and Malware State College Spiders face off in their first-ever appearance in the Big Dance.
Shermie: Go Shields!
Player #3 (on bench): What’s this? “Dear Chris, this is your coach, Maxwell J. Security. Congratulations on scoring more three-point baskets than anyone else on the team. Click the link and you’ll find a $1000 gift card. Sincerely, Coach Security.” Wow, that’s awesome. I’ll have to click it and claim my prize.
Shermie: Holy malware! An email with a link to a $1000 gift card? Do these basketball players not know the havoc that viruses and other malicious programs can wreak on their team? This looks like a job for the one, the only, the predictably awesome Sherminator!
Chris: Who are you?
Shermie: I’m the Sherminator, and I’m here to tell you about best practices you can follow to prevent harmful malware attacks!
Chris: You look like a sheep in a superhero outfit.
Shermie: Yes, I’m a sheep, but I’ve come to tell you and your teammates about the best practices you can follow to keep malware attacks at bay.
Chris: I just received an email claiming to be from Coach Security, with a link to a $1000 gift card as a reward for scoring the most three-point baskets of anyone on the team.
Shermie: I see, but this is a trap. Do you and your teammates regularly receive cybersecurity training?
Chris: Yes, sir. It’s even in our school’s name – Northeast Cybersecurity University.
Shermie: I understand, but all businesses – including colleges and universities – must train employees, students, and other key users on whom and what they should and shouldn’t trust¹. Everyone in the organization must learn not to fall for phishing emails – like the one you received – or other malicious schemes. Additionally, you must install multi-factor authentication (MFA) to safeguard your applications, data, devices, and networks from malware attacks¹.
Chris: Well said. Are there any other best practices we should follow to prevent malware attacks?
Shermie: You must also follow the university’s policies and best practices for application, device, and network security¹. For example, you should create unique passwords with at least 16 characters¹. Meanwhile, you must also use a password manager, so you can more easily keep track of passwords and prevent them from falling into malicious hands¹.
Chris: Well, my teammates and I started using a password manager last year.
Shermie: Good. Do you know which type of malware is the most dangerous?
Player #4: Let me guess – ransomware?
Shermie: You’re correct. Ransomware is the most dangerous type of malware to any organization, including yours². If you fall victim to a ransomware attack, your files will be encrypted, and your computer system locked until you pay the ransom to regain access thereto².
Player #4: That sounds scary.
Shermie: Yes, but the scarier part is that ransomware can be transmitted through email attachments, malicious websites, social engineering attacks, and vulnerabilities in the software you use every day².
Chris: You made a great point. I took a course in ransomware prevention last semester, and I finished with a 98 – the best average in the class.
Shermie: That’s outstanding, Chris. However, I have another question for you. Do you know how important backup processes are for ensuring your team’s statistics and other critical data don’t fall into the wrong hands?
Chris: Yes. This morning, Coach Security told us that with network-based ransomware worms and other cyber threats intensifying every day, data protection solutions are more important than ever before¹. We update our desktops, laptops, and phones every time updates become available, so we can remediate any issues and recover from them more quickly when they do occur¹.
Shermie: Excellent. Meanwhile, you must also have multiple security layers in place to defend the university’s digital infrastructure from harmful malware attacks¹.
Chris and Player #4: Tell us more.
Shermie: Just as wearing multiple layers of clothing keeps you warm on a chilly March evening, installing multiple security layers better protects your applications, data, devices, and networks from malware¹. For example, you must have AMP for Endpoints, an intrusion prevention system (or IPS, for short), next-generation firewalls, and other endpoint monitoring tools in place to protect the university’s digital infrastructure¹.
Chris: We already have next-generation Sophos firewalls and AMP for Endpoints, and our university president told us that she plans to have an IPS installed campuswide before the Fall 2026 semester. Are there any other best practices we should follow to prevent malware attacks?
Shermie: Yes. You must know that ransomware infections are primarily spread through malicious downloads or email attachments¹. Therefore, you should use a university-sanctioned file sharing program like MS SharePoint, as well as the layered security approach I already mentioned, to diligently block malicious attachments, emails, and websites¹.
Chris: Thank you, Mr. Sherminator. Coach Security told us that the entire basketball team has used SharePoint since the fall 2018 semester.
Shermie: Good. Anyway, are you familiar with zero-trust security?
Player #4: Yes. We’ve had a campuswide zero-trust security framework since the fall 2024 semester.
Shermie: Excellent. A zero-trust security approach secures access not just from you, but from APIs, containers, end-user devices, IoT (Internet of Things) appliances, microservices, and more¹. Since you must verify their trustworthiness before accessing them, zero-trust security keeps your applications, data, devices, and networks secure, and prevents malware from infiltrating the university’s digital infrastructure¹.
Player #4: Thanks so much, Mr. Sherminator! You were a tremendous help tonight.
Shermie: You’re welcome, my friend.
Coach Security: Chris? Alan? The Spiders are a point ahead of us, so go out there and show them what you’re made of!
Chris and Alan: Yes, sir.
Announcer: Maxwell Protection, Jr. has reached the three-point line – he shoots toward the Spiders’ basket, and it’s nothing but net. What an incredible three-point shot from Max Protection, Jr.! The Shields now lead the Spiders 39-37.
Shermie: Well, it’s time for this digital-savvy sheep to enjoy the rest of the game. I paid good money for my seat, you know. Just remember the best practices I mentioned, and you can enjoy predictably awesome digital experiences while keeping malware at bay every day. Now, go, Shields, go!
Navitend can help you. Call 973.448.0070, 877.448.0070, or setup an appointment today.
Contact us at 973.448.0070