Re: Mandatory information security awareness training

[Jeff Holden <holdenje () CCCNEXT NET>]

For those of you that mentioned you were using the SANS Securing the
Human, how are you licensing it?  I am planning on using it in a
security awareness program we are developing, and was looking at the
REN-ISAC deal. The only drawback is having to judge how many seats we
will need.  Are you buying blocks from REN-ISAC or licensing it as
needed? If as needed could you contact me off list, as I am curious what
kind of deal you were able to negotiate.

 

 

Thanks,

Jeff Holden, CISSP

Chief Information Security Officer

California Community Colleges Technology Center

holdenje () cccnext net <mailto:holdenje () cccnext net> 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dan Han
Sent: Friday, April 12, 2013 2:09 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Mandatory information security awareness
training

 

At VCU, we require all employees to go through annual security awareness
training. The material we used last year included several SANS STH
videos and a custom quiz hosted on our LMS. We are currently designing
the material for this year's training. We also require IT staff to go
through a separate set of technical security training.

 

Dan Han

Virginia Commonwealth University

 

 

On Fri, Apr 12, 2013 at 3:59 PM, Chancellor, Beth C.
<ChancellorB () missouri edu> wrote:

 

I need to identify institutions that have mandatory information security
awareness training for all employees. MU has required training for
certain segments of our employee population but not for all.  Please
reply to me if you have already have such a policy that covers everyone.

 

Thanks,

Beth

 

Beth Chancellor

chancellorb () missouri edu

MEd, CISSP

Associate CIO &

Chief Information Security Officer

University of Missouri

(573) 882-3503 <tel:%28573%29%20882-3503>