Dear Faculty and Staff,
In accordance with the Ministry of Education’s “2025 Cybersecurity Drill for Public and Private Universities,” scheduled to take place from July to September 2025, we kindly ask for your cooperation in reviewing and inspecting your unit's websites and systems, and in complying with the following tasks:
1、Information System Inventory:
Each unit’s cybersecurity contact person is requested to inventory any websites that contain the university's name, domain name, IP address, or are otherwise identifiable as affiliated with the university (including departmental websites, laboratory websites, faculty personal websites, event websites, etc.). The system owner should log in to the "Unit Information Management System" through the single sign-on portal and complete the system usage report by Monday, June 9, 2025.
2、Account Review:
Please inspect the accounts associated with your websites and systems. Accounts using weak passwords should be updated to strong passwords as soon as possible.
Accounts that have not been used for an extended period or are used for testing should be disabled or removed.
3、Vulnerability Scanning:
Units should conduct vulnerability scans on all currently active websites and servers to identify any medium or high-risk vulnerabilities and address them promptly.
The Information Technology Center also provides a vulnerability scanning platform at https://va.nycu.edu.tw for units to use.
4、Recommendations:
It is recommended that all units evaluate their websites and servers. If a system has been unused for an extended period or is no longer maintained, for example : the website of an overdue conference, please proactively shut it down by June 9, 2025.

Please find attached the presentation slides from the 2025 Cybersecurity Drill Briefing. We kindly ask all units to cooperate accordingly. Thank you for your support.