Information security training empowers individuals to make better decisions, not only in how to recognise and respond to potential cyber-attacks, but also to be sure they aren’t inadvertently putting data at risk in their day-to-day work.
To support you in educating staff in your division, department or faculty, the University offers an online information security awareness module which provides a combination of information, case studies and links to additional resources relating to information security.
The University's security awareness training course is mandatory for all staff. Ensuring that your staff have completed this will satisfy the security awareness training requirements of the Information Security Policy. The Information Security team can provide you with monthly reports on the completion of the module within your division, department or faculty.
If you choose to deliver your own information security awareness training or engage a third party to do so on your behalf, this must be equivalent in content to that of the University's online module. If this applies to your division, department or faculty, please discuss this with the Information Security team.
What we offer:
The Information Security team can draw on its broad expertise to provide training and awareness tailored to your needs. This could be a general security awareness presentation to your whole team, or a more detailed one-to-one session to address a specific situation. Information security training is the cornerstone of a balanced programme of protective measures.
Benefits for you:
- Help people recognise and respond to potential cyber-attacks, phishing and social engineering attempts
- Protect our staff and students by ensuring teams have up-to-date knowledge about how to handle personal data
- Reduce the number of security incidents by sharing best practices
- Help embed information security in day-to-day activities
The service is available to all parts of the collegiate University. The service includes:
- Assistance with determining the level of risk based on the nature and volume of the data involved
- Assessing the security controls and contractual arrangements of the supplier to determine if they are fit for purpose
- Providing advice, assistance and support when dealing with supplier queries and negotiations
- Making recommendations to help you decide whether the supplier’s security is sufficiently mature