Page History

...

...

Before getting started, we encourage you to check out the following resources. A few minutes of reading now may save you hours of work later by increasing your chances of getting started down the right path on the first try.

• The Successful Security Awareness Professional: Foundational Skills and Continuing Education Strategies (ECAR Research Bulletin, 2016)
• Security Awareness Plan Template
• Advancing Building a Culture of Digital Self-Defense: Establishing a Culture of Security Awareness at RIT (EDUCAUSE 2007 poster session2017 seminar)Creating and Maintaining a
• SANS Security Awareness Program (Security 2008 presentationAnnual Report (2017)
• SANS Security Awareness Roadmap
• NIST Special Publication 800-50: Building an Information Technology Security Awareness and Training Program (identifies the four critical steps in the life cycle of an information security awareness and training program)

...

Alert/Advisory Templates (Consider using these templates when preparing e-mail or web portal/intranet communications regarding information security issues.)

• REN-ISAC Alerts and Advisories (2010-present)
• Advisory--Online Scams (RIT 2010)

...

• Facebook Fan Pages
  • RIT Information Security
  • VCU Information Security
  • UConn Information Security
  • UW Information Security
• Twitter
  • Stanford
  • Massachusetts Institute of Technology
  • Brown
  • University of Virginia
• YouTube
  • HEISC YouTube Channel
  • National Cyber Security Alliance Channel

...

As you develop resources for your program, consult the following resources that address most facets of information security.

• Top 3 Strategic Information Security Issues: Risky Business (EDUCAUSE Review article about the top infosec issues campuses are facing in 2017)
• Native Intelligence
• OnGuard Online
• SANS Reading Room
• Online Safety for Higher Education (NCSA)
• Review the Toolkits and Hot Topics pages
• Join the Security Discussion Listserv

4) Establish a Security Awareness Website

...

• What Is Identity Theft? video by the Federal Trade Commission (FTC)
• Cartoons can be linked from your website or shared through social media (e.g., SecurityCartoon.com or xkcd)
• Anti-Phishing Working Group Public Education Initiative
• US-CERT Cyber Security Tips for non-technical users
• MS-ISAC Monthly Cyber Security Tips Newsletter can be published under your institution's brand/logo or linked from your website
• SANS Security Awareness Newsletter, OUCH!

5) Use HEISC Awareness Posters and Videos in Campus Settings

...

• You can access all winning videos on the HEISC YouTube channel.
• You can access all winning posters on the HEISC Facebook page or HEISC Security Awareness Pinterest page. 
• Host student video and/or poster contest on your campus. We've developed a handy DIY toolkit for campuses interested in hosting a student content.

6) Publish in Existing Campus Communication Channels

...

Sample newspapers and articles targeting college and university community members:

• Campus Newspaper (Purdue UniversityPurdue University)
• Information Security Newsletter (University of Coloradoof Colorado)
• HEISC Monthly Security Awareness Blog Posts (2016 annual Campus Security Awareness Campaign materials)
• IT  Newsletter (Stanford University Newsletter (Stanford University)
• Publishing a security article in a campus newspaper (Carnegie Mellon University)
• Faculty/Staff Newsletters (Purdue University)

...

If you have limited resources and cannot create a campus security awareness newsletter, consider sharing the SANS Security Awareness Newsletter, OUCH! This free resource is published monthly in multiple languages, and each edition is carefully researched and developed by subject matter experts. (OUCH! is distributed under the Creative Commons BY-NC-ND 4.9 license, so you may share the newsletter on your campus; the only limitation is that you cannot modify or sell it.)

7) Participate in National Cyber Security Awareness Month (NCSAM)

National Cyber Security Awareness Month (NCSAM), celebrated every October since 2004, was created as a collaborative effort between government and industry to ensure everyone has the resources they need to stay safer and more secure online. Since its inception under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, NCSAM has grown exponentially, reaching consumers, small and medium-sized businesses, corporations, educational institutions, and young people across the nation. There are opportunities for everyone on campus to get involved.

• Conduct community-based security awareness events on campus or regionally. See what your peers are doing and share your plans with NCSA.
•  Share these tip sheets, which provide in-depth information on how to stay safe in a variety of online settings: on social networking sites, on gaming sites, and on your mobile device.
•  Visit the NCSA YouTube channel where you'll find many cybersecurity-related videos.
•  Additional awareness resources are also available. Here you'll find other organizations' valuable materials that will prepare you for National Cyber Security Awareness Month.

...

• ECAR Research Bulletin (2013): Measuring the Effectiveness of Security Awareness Programs
• A Guide to Effective Security Metrics
• Security Metrics EDUCAUSE Resource Page
• Training Evaluation Field Guide (US Office of Personnel Management)
• Evaluating Training Programs (Employment Security Department)
• Delivery Method Matrix (MIT)
• Checklist for Training Process Audit (Scribd)

...

• RSS Feed into Twitter and Facebook Tutorial (PDF)
• SANS All about RSS Feeds

Contact any a HEISC Awareness & Training Working Group member to help you build your awareness program. The information in this document is only a guide, though it is an excellent starting point.!

Top of page

...

Questions or comments? Contact us.

...