This Week’s Cybersecurity News, 09/06/2023

Share on

Happy September!

I can’t believe it’s already that time of year! And by “that time of year,” I mean time for our annual security awareness training. There are some changes for this year’s assignment, so I thought it would be best to devote this week’s newsletter to these changes.

Security Awareness Training

  • Every September I let you know that the security awareness training will be assigned on October 1 and will go through November 30.
  • This year I have been working with UTSA’s Employee & Organizational Development and UTIA’s Extension Evaluation and Staff Development to follow along with what UTSA and UTK are doing for their annual required Security Awareness Training.
  • As you know, you have had two types of required annual training:
  • In an effort to streamline the two sets of training, I have agreed to adding the security awareness training to the overall compliance modules, giving one “assignment” and one due date.
  • The overall training assignment should take about 2-1/2 hours, but you can see your status any time you log into K@TE <https://kate.tennessee.edu>.
  • Here are some of the changes you will notice:
    • The training will be assigned mid-September (this year will be assigned on 09/13).
    • The training will be due by December 30.
    • There will be a “test out” option, except for new hires.
      • You will be required to watch the first and last modules.
      • Other modules will allow you to complete a quiz first.
      • If you miss an answer, you will then be required to watch the module and take the quiz again.
      • I have been assured that this will not be effective every year, but may rotate every couple of years and the Compliance modules will do the same.
    • The assignment and reminder emails are automated and will now come from the Annual Compliance Team.
    • New employees who have already taken the training *may* see the assignment again. (I am working with EOD to get a list of those new employees who have completed the training from 01/01/2023 through 09/06/2023, but it may still show up for a day or two.)
  • And these are some of the things that won’t change:
    • The training is still required.
    • There will still be role-based group assignments that depend on your job responsibilities.
    • Any user not completing the training by the deadline will still lose access to all Institute-owned or University-owned systems until the training has been completed.
  • I hope that this will be easier for everyone to keep up with.
  • I can’t guarantee that those very few people who have no access to *any* Institute-owned IT assets (including email) won’t get the assignment now.
  • Please be patient as we try this new method of assigning the training.
  • Of course, if you have any questions or concerns, please don’t ever hesitate to let me know

I want to thank Kortney Jarman, of EOD, and Stephanie Brown, of EESD, for working with me.

Thank you all so much for everything you do every single day to protect the Institute and its data. And a special thanks to all those have questions and notify me about potential scams. Please let me know any time you have any questions or concerns when it comes to IT security!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!