Educause Security Discussion mailing list archives

Re: End-user Awareness Baseline(s)

From: Valerie Vogel <vvogel () EDUCAUSE EDU>
Date: Fri, 30 Aug 2013 17:44:44 +0000

Thanks Ben!

Please note that the listserv mentioned below is a closed list for the Higher Education Information Security Council 
(HEISC) Awareness & Training Working 
Group<http://www.educause.edu/about/mission-and-organization/governance-and-leadership/member-committees/heisc-awareness-and-training-working-group>.

If anyone is interested in volunteering for the Awareness group, or would like to learn more about other HEISC working 
groups, you'll find more information here: 
http://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/community-engagement

We'll also be publishing a resource on security awareness metrics soon, and I will let the Security Discussion list 
know as soon as it's available. In the meantime, here is a related resource, A Guide to Effective Security Metrics: 
https://wiki.internet2.edu/confluence/display/itsg2/Effective+Security+Metrics

Please feel free to contact me with any questions.
Thank you,
Valerie

Valerie Vogel Program Manager

EDUCAUSE
Uncommon Thinking for the Common Good
direct: 202.331.5374 | main: 202.872.4200 | educause.edu<http://www.educause.edu/>

From: Ben Woelk <fbwis () rit edu<mailto:fbwis () rit edu>>
Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Date: Friday, August 30, 2013 9:51 AM
To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] End-user Awareness Baseline(s)

Jennifer,
The Awareness and Training Working group is tackling awareness metrics. They can be reached through Valerie Vogel or 
EDUCAUSE Security Awareness Discussion Listserv SEC-EDUC () LISTSERV EDUCAUSE EDU<mailto:SEC-EDUC () LISTSERV EDUCAUSE 
EDU>

Ben Woelk
Member, Awareness and Training Working Group
Higher Education Information Security Council
http://www.educause.edu/heisc

Policy and Awareness Analyst
Rochester Institute of Technology
Rochester, New York 14623
585.475.4122
ben.woelk () rit edu<mailto:ben.woelk () rit edu>
http://security.rit.edu/dsd.html

Become a fan of RIT Information Security at 
http://rit.facebook.com/RITInfosec<http://rit.facebook.com/profile.php?id=6017464645>

Follow us on Twitter: http://twitter.com/RIT_InfoSec




From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eckrote, 
Jennifer
Sent: Friday, August 30, 2013 11:25 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] End-user Awareness Baseline(s)

We are rethinking our Targeted Awareness efforts, but we want to conduct an “End-user pre-assessment” – basically a 
baseline – so we can figure out which areas of Security Awareness need to be the focus.  Have you conducted any sort of 
“End-user assessments”; ranging from surveys on multiple areas to targeted assessments (i.e. faux-phishing/social 
engineering campaigns) at your institutions?  What worked best? What didn’t work?

==============================
Jennifer Eckrote
Policy, Awareness & Training Coordinator
Longwood University Information Security Office
201 High Street | Farmville, VA | 23909
eckrotejl () longwood edu<mailto:eckrotejl () longwood edu>

Current thread:

End-user Awareness Baseline(s) Eckrote, Jennifer (Aug 30)
- Re: End-user Awareness Baseline(s) Ben Woelk (Aug 30)
  - Re: End-user Awareness Baseline(s) Valerie Vogel (Aug 30)
- Re: End-user Awareness Baseline(s) Valdis Kletnieks (Aug 30)