Educause Security Discussion mailing list archives
Re: Phishing and Security Awareness Training - Faculty
From: Thomas Skill <tskill1 () UDAYTON EDU>
Date: Thu, 14 Apr 2016 18:02:00 -0400
At the University of Dayton, we made the decision to move all faculty, staff and student employees to 2FA during the 2016 calendar year. In an effort to position this effort a more than 2-Factor, we also designated 2016 as our "Year of safe computing" - driven by the theme "becoming cyber-mindful." A major component to this effort are regular monthly phish tests using KnowBe4. We have been amazed at the positive response. Several keys: executive leadership support, authenticate and fun/engaging communications and a clear strategy that positions phish tests as our way of "exercising our phish detection and avoidance muscles." We take extreme care to never blame or shame anyone who falls victim. It all about getting better and rewarding the right attitudes and behaviors. Hope this is helpful! Tom Thomas Skill, Ph.D. Associate Provost & CIO Professor, Department of Communication University of Dayton skill () udayton edu Twitter: @skilltd Linkedin: skilltd On Apr 12, 2016 7:19 PM, "Sburlea, Stefan" <sburlea () chapman edu> wrote:
Hello, We are looking at starting a phishing/security awareness training. We are considering something like Wombat Security or GoPhish. Did you do something similar at your university and if yes, did you receive any negative feedback from your staff and faculty? What solution/vendor did you use? Searching through Educause archives, I found this great 10 point implementation checklist/guide : http://er.educause.edu/blogs/2016/4/phishing-your-users Any insight is greately appreciated. Thank you, Stefan Sburlea Chapman University, IS&T Information Security Specialist sburlea () chapman edu Desk Phone: 714-744-7802 Chapman University I One University Drive I Orange, California 92866 UNIVERSITY STAFF WILL NEVER ASK FOR YOUR PASSWORD - DO NOT SHARE YOUR PASSWORD WITH OTHERS!
Current thread:
- Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 12)
- Re: Phishing and Security Awareness Training - Faculty Paul Chauvet (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Bob Bayn (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Manjak, Martin (Apr 14)
- Re: Phishing and Security Awareness Training - Faculty Bob Bayn (Apr 14)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 14)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 14)
- Re: Phishing and Security Awareness Training - Faculty Paul Chauvet (Apr 13)
- <Possible follow-ups>
- Re: Phishing and Security Awareness Training - Faculty Valerie Vogel (Apr 12)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 12)
- Re: Phishing and Security Awareness Training - Faculty Valerie Vogel (Apr 12)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Melanie Lever (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Burke, Ian R. (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 13)
- Re: Phishing and Security Awareness Training - Faculty Sburlea, Stefan (Apr 12)