Re: Online Security Awareness Training

["Lovaas,Steven" <Steven.Lovaas () COLOSTATE EDU>]

I guess higher ed is small potatoes, but the proper response is "we use RFPs, we can't buy SANS".


===================
Steven Lovaas
Information Security Officer
Colorado State University
steven.lovaas () colostate edu<mailto:steven.lovaas () colostate edu>
970-297-3707
===================
________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Ken Connelly 
<ken.connelly () UNI EDU>
Sent: Tuesday, January 17, 2017 2:06:13 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Online Security Awareness Training

SANS has been getting too big for their britches for quite a while now, but this is arrogance beyond belief.

- ken

On 1/17/17 2:42 PM, Hudson, Edward wrote:
This was our approach as well with Lawroom. As a state entity we had to require a response to RFP and SANS stated quite 
clearly “we are SANS, we don’t respond to RFPs”


Ed Hudson, CISM
Director, Information Security
[cid:part1.A927E412.F77FEEBB@uni.edu]
401 Golden Shore
Long Beach, CA 90802
Tel 562-951-8431
ehudson () calstate edu<mailto:ehudson () calstate edu>

I subscribe to e-mail classification: i=Information, a=Action, u=Urgent


From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU><mailto:SECURITY () LISTSERV 
EDUCAUSE EDU> on behalf of "Baillio, Aaron" <abaillio () OU EDU><mailto:abaillio () OU EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU><mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>
Date: Tuesday, January 17, 2017 at 12:25 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU"<mailto:SECURITY () LISTSERV EDUCAUSE EDU> <SECURITY () LISTSERV EDUCAUSE 
EDU><mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Online Security Awareness Training

We just went with a company called Lawroom who had an excellent 50 minute security training.  We had them break it up 
unto 5 different modules based on the information covered.  They are a mix of video, reading and quizzes and is very 
professional and well done.  Additionally, it comes 503 compliant and integrated into our existing LMS system.

Very happy with it.

B. Aaron Baillio, Sec+, CEH, CISSP
University of Oklahoma, Information Technology
Managing Director, Security Operations and Architecture
O: 405-325-7948
C: 254-400-6404

Annual password changes are now required.  Visit accounts.ou.edu<http://accounts.ou.edu/> to change your password today!



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Robert 
Smith
Sent: Tuesday, January 17, 2017 1:59 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Online Security Awareness Training

Hi,

We too are using SANS for annual training.  Feedback is generally positive.  For year two, we added a shorter (~35 
minute) refresher of the SANS training.  We are looking at strategies for students and other ways to make the training 
more effective for faculty/researchers.
Have a  marvelous day,

Robert Smith, CISSP, PMP
Systemwide IT Policy Director
University of California
(510) 587-6244 (o)
(510) 541-8103 (m)
robert.smith () ucop edu<mailto:robert.smith () ucop edu>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Todd 
Britton
Sent: Tuesday, January 17, 2017 11:51 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Online Security Awareness Training

Hi Linda,

                We have used SANS Securing the Human very successfully for the past several years. Due to educational 
pricing, the cost was very low. Our faculty and staff have provided feedback that they like the training because it is 
concise, short in duration, and full of good information. We are kicking off a plan to augment this offering with 
face-to-face training to dive a little deeper. Happy to answer any questions you may have about our experience with 
SANS. Good luck!

Todd Britton, Ed.D.
PMP, CSM, CISM, CRISC, ITILv3F, MCSE, CGEIT
Chief Information Officer (CIO)
Associate Vice President
Office of Information Technology

University of La Verne
1950 Third Street | La Verne, California | 91750
Office: 909 448 4124
Email or Video call: tbritton () laverne edu<mailto:tbritton () laverne edu>
laverne.edu<http://laverne.edu/>


[niversity                  of La Verne 125th Anniversary: Generations of                  Transforming Lives]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ludwig, 
Linda
Sent: Tuesday, January 17, 2017 11:38 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Online Security Awareness Training

I am researching online solutions for on-demand online security awareness training for our faculty/staff. I did a 
search of the archives and did not find any recent discussion of the topic since 2010 or so. So I was hoping I could 
get some recent reviews of what is available for online information security awareness. So far I have looked at SANS, 
Knowb4, and Inspire eLearning.

I am interested in learning what other colleges are using and if you have any reviews on the three I mentioned or 
others.

Thank you for your assistance,

Linda Ludwig
Information Security Awareness Specialist
Grinnell College
ludwigl () grinnell edu<mailto:ludwigl () grinnell edu>



--
- Ken
=================================================================
Ken Connelly                       Director, Information Security
Information Security Officer          University of Northern Iowa
email: Ken.Connelly () uni edu<mailto:Ken.Connelly () uni edu>   p: (319) 273-5850 f: (319) 273-7373

Any request to divulge your UNI password via e-mail is fraudulent!