Educause Security Discussion mailing list archives
Re: Faculty Acceptance of Security Awareness Education?
From: Matthew Wollenweber <mjw () CYBERWART COM>
Date: Tue, 17 Nov 2009 12:59:46 -0500
I've thought on this problem a lot recently. I haven't yet tried to push the plan through management, but the most reasonable approach to me seems to be targeted and automated training. Most malware we see is the result of trojans, which means user interaction is generally required. When we remediate the system, it would be easy enough to sign the user up for a phishing/trojan awareness training through a service like phishme.com. That way users that have problems get training, training functions as a test of sorts, and it's automated so the employee isn't defensive about what they were doing that led to the compromise. Again, this isn't implemented but in my opinion it feels like an unresolved problem when we remediate a system for a trojan with little or no training/interaction with the user and this is the best solution I've had on the subject. On Wed, Oct 28, 2009 at 6:21 PM, Jon Good <Jon.Good () ucop edu> wrote:
Researching a question posed by our Academic Senate leadership: What approaches have worked at other institutions to persuade faculty to get on the security awareness bandwagon [take the “training”]? Jon Good Director, Information Security Information Resources & Communications University of California Office of the President 415 - 20th Street, 3rd Floor Oakland, CA 94612-2901 (510) 987-0518
-- Matthew Wollenweber
Current thread:
- Faculty Acceptance of Security Awareness Education? Jon Good (Oct 28)
- <Possible follow-ups>
- Re: Faculty Acceptance of Security Awareness Education? Then, Keri (Oct 28)
- Re: Faculty Acceptance of Security Awareness Education? Jim Dillon (Oct 29)
- Re: Faculty Acceptance of Security Awareness Education? Patria, Patricia (Oct 30)
- Re: Faculty Acceptance of Security Awareness Education? Allison Dolan (Nov 17)
- Re: Faculty Acceptance of Security Awareness Education? Matthew Wollenweber (Nov 17)
- Re: Faculty Acceptance of Security Awareness Education? Hugh Burley (Nov 17)
- Re: Faculty Acceptance of Security Awareness Education? Delaney, Cherry L. (Nov 25)
- Re: Faculty Acceptance of Security Awareness Education? Raymond, Jessica (Nov 25)
- Re: Faculty Acceptance of Security Awareness Education? Delaney, Cherry L. (Nov 25)
- Re: Faculty Acceptance of Security Awareness Education? Hugh Burley (Nov 25)
- Re: Faculty Acceptance of Security Awareness Education? randy marchany (Nov 27)
- Re: Faculty Acceptance of Security Awareness Education? Ozzie Paez (Nov 27)
- Re: Faculty Acceptance of Security Awareness Education? Eric Case (Nov 27)
- Re: Faculty Acceptance of Security Awareness Education? Terri Jones (Nov 29)
- Re: Faculty Acceptance of Security Awareness Education? Allison Dolan (Nov 30)
(Thread continues...)