Re: SANS STH Carousels

[Mark Rogowski <m.rogowski () UWINNIPEG CA>]

Hi Jim,

STH has a lot of content so we made up four carousels.  For PCI and other sensitive information handling, we included 
Data Security, Encryption, Destruction and of course the specific PCI -DSS module.  People to take this as part of the 
PCI requirement also need to take another cluster of modules revolving around "security at work" (You are the Target, 
IM and Email, Physical, Social Engineering, Browsing, Social Networking, Passwords, Hacked).

HTH,

Mark Rogowski  CISSP, CISM
IT Security/Information Security Office
University of Winnipeg
Ph: 204-786-9034



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Pardonek, Jim
Sent: Tuesday, June 02, 2015 8:13 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] SANS STH Carousels

Good Morning,

We are working with SANS to get our STH videos customized.  The person helping us suggested that we have them group 
several videos into "carousels" to make it easier to deliver the content to everyone.  This looked very attractive to 
us but I wanted to see if anyone has already grouped the videos depending on the type of user and their potential risk 
based on job.  I'm alluding to PCI-DSS requirement 12 and what groupings you have for everyone and what you might add 
for those that accept credit cards.

Any suggestions would be most helpful.

Thanks,

Jim

James Pardonek, MS, CISSP, CEH
Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

*: (773) 508-6086