Educause Security Discussion mailing list archives
Re: Mandatory IT Security training
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
Date: Tue, 24 Jul 2018 15:51:18 +0000
Hi Brent, The 2016 CDS Spotlight: Information Security has some information on the second page about institutions with infosec training and whether it’s mandatory for faculty/staff or students. https://library.educause.edu/resources/2016/8/cds-spotlight-information-security The 2018 CDS<https://www.educause.edu/cds> survey recently launched, so we will have new infosec module data available for comparison in early 2019. Thank you, Valerie Valerie Vogel Senior Manager, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good direct: 202.331.5374 | twitter: @HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu> From: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of WALTER KERNER <walter_kerner () FITNYC EDU> Reply-To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> Date: Tuesday, July 24, 2018 at 8:34 AM To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Mandatory IT Security training Hi Brent. We require some basic IT Sec training: things like recognizing phishing, good password practices, and a general awareness module. However, there isn’t much enforcement behind the requirement. We also require more specific training for people who handle credit cards, per PCI requirements. Walter Kerner AVP and CISO [Image removed by sender. blue] 333 7th Avenue, 13th Floor New York, NY 10001 Voice: 212-217-3415 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>] On Behalf Of Haselhoff, Brent Sent: Tuesday, July 24, 2018 11:09 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Mandatory IT Security training Hi Everyone, We are currently evaluating our mandatory IT security training policies and procedures. Does your university require IT security training for all employees? If so, what topics are covered? Do you require this training in order to stay compliant with some sort of regulation, or are you doing it because it is best practice? Do you require this training annually or just upon hire? Thanks Brent Brent Haselhoff Manager, IT Security and Identity Management brent.haselhoff () wku edu<mailto:brent.haselhoff () wku edu> 270-745-2012
Current thread:
- Mandatory IT Security training Haselhoff, Brent (Jul 24)
- Re: Mandatory IT Security training WALTER KERNER (Jul 24)
- Re: Mandatory IT Security training Valerie Vogel (Jul 24)
- Re: Mandatory IT Security training John Chapman (Jul 24)
- Re: Mandatory IT Security training Valerie Vogel (Jul 24)
- Re: Mandatory IT Security training Pardonek, Jim (Jul 24)
- Re: Mandatory IT Security training Hiram Wong (Jul 24)
- Re: Mandatory IT Security training Telfer, Will (Jul 24)
- Re: Mandatory IT Security training Gomez, Joshua (Jul 24)
- Re: Mandatory IT Security training Barton, Robert W. (Jul 24)
- Re: Mandatory IT Security training Ronald King (Jul 31)
- Re: Mandatory IT Security training Dan Lewis (Jul 31)
- Re: Mandatory IT Security training Barton, Robert W. (Jul 24)
- Re: Mandatory IT Security training WALTER KERNER (Jul 24)
- Re: Mandatory IT Security training Sharkirah Foote (Jul 24)
- Re: Mandatory IT Security training Andrew Chiarello (Jul 24)