Re: Security Awareness specifically for Higher Ed?

["Jim A. Bole" <jbole () STEVENSON EDU>]

Cathy,

I just became part of higher ed this year when I joined Stevenson.

Before that I spend more than 15 years in private industry doing infosec, including leading a security awareness 
program for an international company with 20K employees.

Now I'm preparing Stevenson's cybersecurity awareness program for October.

I think the messages/content/priorities for higher ed are similar, perhaps nearly identical, to those for other 
orgs/industries. The threats are typically the same.

For me, the key to a successful awareness campaign is creating engaging content that clearly communicates simple 
behaviors we want our users to do.

Posters, videos, branding, social media, events, gamification, etc. are great tools. There might be some small 
differences in content and use of those tools between a university audience than a corporate audience, but nothing 
significant.

At least that's my experience so far.

Happy to discuss further.

Jim Bole
Director of Information Security
Stevenson University
1525 Greenspring Valley Road
Stevenson, MD, 21153-0641
jbole () stevenson edu | O: 443-334-2696






From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Ullman, Catherine
Sent: Thursday, August 22, 2019 11:39 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Security Awareness specifically for Higher Ed?

Good morning!

I've been in some interesting conversations with some companies that create security awareness online training and 
those conversations ultimately lead to this question:

What would security awareness training specifically designed for higher ed look like?  What would be different about it 
from what is created for corporate environments?

I'd really like to gather a list of thoughts from this community to bring back to these folks at some point.  Feel free 
to reply off-list if you'd prefer.

Thanks,
Cathy


Dr. Catherine J Ullman
Senior Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community