New Annual Cyber Security Training Mandatory for University Employees
UW System employees are required to take a course for cyber security training. Photo by Ross Vetterkind

New Annual Cyber Security Training Mandatory for University Employees

This year is the first installment of mandatory annual cyber security training for all faculty and staff at the University of Wisconsin-Stevens Point.

The Cyber Security Training became mandatory on July 21, 2017, when UW-System Administrative Policy 1032 was revised.

The trainings are intended to protect the security of UWSP’s database by educating faculty, staff and student employees.

Chad Johnson, information security officer and associate lecturer, is heading up the training with two student staff working underneath him.

“The weakest link is the human element,” Johnson said. “It’s only going to be effective if everyone participated in it. If everyone has a key to a door, it only takes one person to lose their key and the whole system is compromised.”

Johnson hopes people finish the training with an understanding that the information they possess is valuable to someone somewhere and that all it takes is for one person to be compromised for someone to have access to the entire university system.

Students who are not employed by the university possess much of the same access as those who are, but they are not being targeted with training, Johnson explained, because it would be an enormous operation to undertake.

The cybersecurity training is already going out to 2,000 faculty, staff and student employees.

Students, instead, are being targeted instead with traditional security awareness measures: hanging up posters around campus and sending out modules.

“There is a proven, direct correlation between information security awareness and security in general,” Johnson said.

The training is conducted through the Lawroom System, which is separate from the University System, so employees were uploaded manually.

Some student employees have yet to be uploaded, but the second round of Cyber Security training will be sent out soon to them, Johnson said.

High turn-over with student employees is the primary benefit Johnson sees from annual training.

Currently the training takes 60 to 90 minutes, but Johnson hopes to modify the training in succeeding years to take ideally 20 to 30 minutes, and conclude with a quiz to test understanding. People who do not pass the quiz would then go on to take further training or attend in person training.

Johnson said, “I can assure you that we wouldn’t be imposing this on faculty staff and students, and I wouldn’t be voluntarily doing it and taking up a great deal of my time, if it weren’t that important.”


Olivia De Valk

News Editor

About Olivia De Valk

Olivia De Valk
Senior English major. Pretty much only watches bad movies. Mediocre runner. Probably really hydrated.

Leave a Reply

Your email address will not be published. Required fields are marked *