Re: Security Awareness Programs

[Todd Britton <tbritton () LAVERNE EDU>]

Hi Peter,

                We too struggle with getting our university constituents to actively and regularly engage in the 
Information Security training. I provide email, targeted portal messages and web page updates on the new content as 
appropriate. I also send out a yearly annual reminder (during Information Security Awareness month in October) of the 
resources available to us. We use the SANS Securing the Human hosted solution and while I agree with the lack of 
customization, single sign-on through LDAP and integration with other training providers is problematic. We believe is 
a good enough solution for us right now. I would be interested to know what others are doing and what you find as well. 
Good luck.

Todd Britton, Ed.D.
PMP, CISM, CRISC, ITILv3F, MCSE, CGEIT
Assistant Vice President, IT Business Relationships
Facilities and Technology Services Division
University of La Verne
tbritton () laverne edu<mailto:tbritton () laverne edu>


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Peter 
Lundstedt
Sent: Wednesday, April 02, 2014 12:33 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security Awareness Programs

Hi All,

Curious on what others are doing to 'get the word out' on their campuses.  What approaches seem to work best from both 
an initial push out on a new subject or with a new program, to keeping things up to date with acknowledgements, 
visibility, &c?

> From a product point of view, we've explored the SANS Securing the Human series among a few others, but the lack of 
> customization and integration into HR training modules is steering us away.  Experiences there?

Peter Lundstedt
SECURITY ANALYST 2, INFRASTRUCTURE & SECURITY SERVICES

[oit]