Educause Security Discussion mailing list archives
Re: Phishing Simulation - Punitive Escalation
From: "Rose, Henry" <harose () PVAMU EDU>
Date: Mon, 18 May 2020 22:21:06 +0000
I have heard of some schools where after a third violation, a note is added to users file in HR is discussed during performance evaluations. Best Regards, Henry Rose Security Analyst II Office of Information Resource Management P. O. Box 519, Mail Stop 1460 Prairie View, TX, 77446 Harrington Science, Rm 311E Tel: (936) 261-9353| Fax: (936) 261-9342 Email: harose () pvamu edu<mailto:harose () pvamu edu> How was my service<http://www.pvamu.edu/irm/customer-service-survey/> [cid:image001.jpg@01D04B80.E1EB84B0]<http://www.pvamu.edu/> Follow PVAMU! [cid:image002.png@01D04B80.E1EB84B0] <http://www.facebook.com/pvamu> [cid:image003.png@01D04B80.E1EB84B0] <http://twitter.com/pvamu> [cid:image004.png@01D04B80.E1EB84B0] <http://www.flickr.com/photos/pvamu/sets/> [cid:image005.png@01D04B80.E1EB84B0] <http://www.youtube.com/pvamu> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Czarapata, Paul (KCTCS) Sent: Monday, May 18, 2020 5:04 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Phishing Simulation - Punitive Escalation While I have not heard of this in Higher Education, I know of at least two hospitals in Cincinnati where the third violation is termination of employment. The first is a warning and online video, second is a face-to-face session with a member of the Cybersecurity team. ______________________________________________________________________ Paul Czarapata, Ed.D. Vice President/Chief Information Officer Kentucky Community & Technical College System 300 North Main Street Versailles, KY 40383 O: 859/256-3248 Your success equals our success. [cid:7092dddd-0cf6-45f6-ac32-d9a93b58c927] [cid:445a0320-079f-468f-93cb-de10e9d0bd3a]<https://urldefense.proofpoint.com/v2/url?u=https-3A__na01.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Ft.sidekickopen35.com-252Fe1t-252Fc-252F5-252Ff18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XYg3MxRLxW5w6vXM8rl77WW4Wzrfn56dT6bf3Vtshg02-253Ft-253Dhttps-25253A-25252F-25252Ftwitter.com-25252FPCZARAPATA-2526si-253D6650399237341184-2526pi-253D4719794e-2Db15d-2D4315-2Db75a-2D2fbc2472ae29-26data-3D02-257C01-257C-257Cb93cc49e40cb41f11bc908d5f87cfeca-257Cf2e339511ec44c72b2bfa4f4671d64af-257C0-257C0-257C636688138077705139-26sdata-3DRXt3sP9cTYcCSZmOFORsIVRR3ku2vA1LprImaUNN3SM-253D-26reserved-3D0&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=5Ap95Jn_50cw6rCya_uIsYObxDnVOMbDN3YQm4ZzUrY&e=> [cid:7a735ab0-5ead-4798-b33f-f04a2080274a] <https://urldefense.proofpoint.com/v2/url?u=https-3A__na01.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Ft.sidekickopen35.com-252Fe1t-252Fc-252F5-252Ff18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XYg3MxRLxW5w6vXM8rl77WW4Wzrfn56dT6bf3Vtshg02-253Ft-253Dhttp-25253A-25252F-25252Fwww.linkedin.com-25252Fin-25252Fczarapata-25252F-2526si-253D6650399237341184-2526pi-253D4719794e-2Db15d-2D4315-2Db75a-2D2fbc2472ae29-26data-3D02-257C01-257C-257Cb93cc49e40cb41f11bc908d5f87cfeca-257Cf2e339511ec44c72b2bfa4f4671d64af-257C0-257C0-257C636688138077705139-26sdata-3Dk9MrizMPcShUOvarV8Il4Pon061CUnnM9Fd3Zau0CqQ-253D-26reserved-3D0&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=uJgYlmL2M5zVyg6H2mZZyIkR0K9y9kPOlGhnAZCV0GQ&e=> [cid:12e3de41-ed1d-45a6-8fe7-fd8925b7932b] <https://urldefense.proofpoint.com/v2/url?u=https-3A__na01.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Fwww.facebook.com-252F-2523-21-252Fpages-252FKCTCS-252F110247165663059-26data-3D02-257C01-257C-257Cb93cc49e40cb41f11bc908d5f87cfeca-257Cf2e339511ec44c72b2bfa4f4671d64af-257C0-257C0-257C636688138077715152-26sdata-3DA9N-252F7CaBC7ypFt8hK3h-252FXehULdBLUMgue98ihZOYnq0-253D-26reserved-3D0&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=5AOyJOxb7tcvM7T_CfDfyaRYJv9L7hc0e7OVFsf83cs&e=> Training and Learning Center<https://urldefense.proofpoint.com/v2/url?u=http-3A__kctcs.edu_tlc&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=oTShwLFx57Mz1LEKwqTdrBzAYJO7Eh5z6dO_Ui2AeeU&e=> | Technology Solutions Help Desk<https://urldefense.proofpoint.com/v2/url?u=http-3A__ithelpdesk.kctcs.edu_&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=CN2qPNCuY-H554DYIpmNw0E6U7tO_hqzHgJuVDMgc6Q&e=> | Technology Communications Center<https://urldefense.proofpoint.com/v2/url?u=http-3A__kctcs.edu_tcc&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=O8d-URpeBfBo7o0XhdMvCEB3YNneYF4bz-60_sEUUhQ&e=> ________________________________ From: Gomez, Joshua <J.Gomez () SNHU EDU<mailto:J.Gomez () SNHU EDU>> Sent: Monday, May 18, 2020 10:51 AM Subject: Phishing Simulation - Punitive Escalation Hello I wanted to ask what people are doing for a "path to escalation" for staff who repeatedly fail simulations or cause incidents? For Example First Failure -> Remedial Training Second Failure -> Remedial Training + Supervisor Notification Third Failure -> Remedial Training + Sit down with person and department head Etc. I'm just trying to get some ideas to bring to our Governance committee. We have not been trying to be punitive and haven't needed to do much, but we are starting to see repeat offenders that need coaching for behavioral changes. Thanks in Advance, Josh Joshua Gomez | Analyst, Information Security Information Technology Solutions ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=MLcKtvNGBITHPXVnCkmB7vuEK_vqBcYRrFVgYMqj3zw&e=> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=UKZFoQ8qcAptA8s2KuDOCsgWCrJ5JOx9BXRaCfslkG0&s=MLcKtvNGBITHPXVnCkmB7vuEK_vqBcYRrFVgYMqj3zw&e=> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Phishing Simulation - Punitive Escalation Gomez, Joshua (May 18)
- Re: Phishing Simulation - Punitive Escalation Ken Connelly (May 18)
- Re: Phishing Simulation - Punitive Escalation Frank Barton (May 18)
- Re: Phishing Simulation - Punitive Escalation Ullman, Catherine (May 18)
- Re: Phishing Simulation - Punitive Escalation Scantlin, Aaron J. (May 18)
- Re: [EXTERNAL] Re: [SECURITY] Phishing Simulation - Punitive Escalation Hart, Michael (May 18)
- Re: Phishing Simulation - Punitive Escalation Frank Barton (May 18)
- Re: Phishing Simulation - Punitive Escalation Jesse Thompson (May 18)
- <Possible follow-ups>
- Re: Phishing Simulation - Punitive Escalation Czarapata, Paul (KCTCS) (May 18)
- Re: Phishing Simulation - Punitive Escalation Rose, Henry (May 18)
- Re: Phishing Simulation - Punitive Escalation Oliver Betts-Richards (May 19)
- Re: Phishing Simulation - Punitive Escalation Ken Connelly (May 18)