Re: End-user Awareness Baseline(s)

[Ben Woelk <fbwis () RIT EDU>]

Jennifer,
The Awareness and Training Working group is tackling awareness metrics. They can be reached through Valerie Vogel or 
EDUCAUSE Security Awareness Discussion Listserv SEC-EDUC () LISTSERV EDUCAUSE EDU<mailto:SEC-EDUC () LISTSERV EDUCAUSE 
EDU>

Ben Woelk
Member, Awareness and Training Working Group
Higher Education Information Security Council
http://www.educause.edu/heisc

Policy and Awareness Analyst
Rochester Institute of Technology
Rochester, New York 14623
585.475.4122
ben.woelk () rit edu<mailto:ben.woelk () rit edu>
http://security.rit.edu/dsd.html

Become a fan of RIT Information Security at 
http://rit.facebook.com/RITInfosec<http://rit.facebook.com/profile.php?id=6017464645>

Follow us on Twitter: http://twitter.com/RIT_InfoSec




From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eckrote, 
Jennifer
Sent: Friday, August 30, 2013 11:25 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] End-user Awareness Baseline(s)

We are rethinking our Targeted Awareness efforts, but we want to conduct an "End-user pre-assessment" - basically a 
baseline - so we can figure out which areas of Security Awareness need to be the focus.  Have you conducted any sort of 
"End-user assessments"; ranging from surveys on multiple areas to targeted assessments (i.e. faux-phishing/social 
engineering campaigns) at your institutions?  What worked best? What didn't work?

==============================
Jennifer Eckrote
Policy, Awareness & Training Coordinator
Longwood University Information Security Office
201 High Street | Farmville, VA | 23909
eckrotejl () longwood edu<mailto:eckrotejl () longwood edu>