Skip to main content

Information Security Training and Awareness Program

Information Security Training and Awareness Program

Security training—on the go! Try the Learner Mobile App today.

The Employee Security Awareness Training Program (ESAT) provides educational offerings to assist university members with staying up-to-date with regulatory training requirements (i.e. PCI-DSS, GLBA, etc.), as well as provides general Cybersecurity Awareness Training to educate the university community on how to stay safe online.

The Compliance and Training Team provides online, in-person and hybrid training options to support the university’s various training requirements.

To request training, complete a training request form below.

Online training modules are available for employees who have access to or use covered data under the Gramm-Leach-Bliley Act (GLBA), including personally identifiable financial information. This training is mandatory and must be completed on an annual basis.

Managers/Deans/Supervisors must submit a request for training for all employees in their respective units, schools, or departments who process GLBA data.

How to enroll staff in GLBA Training:
1. Complete the training request form. (NetID Login required.)
2. Review training instructions for submitting training rosters.
3. Provide login instructions to all identified enrollees once the training request has been approved.

For any questions, contact the Information Security Compliance and Training Team.

Payment Card Industry Data Security Standard (PCI-DSS) requires that all personnel who collect, handle, or process PCI data are required to take annual awareness training. This training is mandatory and must be completed on an annual basis.

Managers and merchants must submit a request for training to enroll individuals who process or have access to credit card data that is used for payments to the university.

How to enroll staff in PCI Training:
1. Complete the training request form. (NetID Login required.)
2. Review training instructions for submitting training rosters.
3. Provide login instructions to all identified enrollees once the training request has been approved.

For any questions, contact the Information Security Compliance and Training Team.

If you require information on the Health Insurance Portability and Accountability Act (HIPAA), please contact University Ethics and Compliance.

In addition to the mandatory training provided by UEC, Managers/Deans/Supervisors can submit a request for training for any staff members requiring a supplemental review of HIPAA Security Rule concepts.

How to enroll staff in supplemental HIPAA training:

  1. Complete the training request form. (NetID Login required.)
  2. Review training instructions for submitting trainee rosters.
  3. Provide login instructions to all identified enrollees once the training request has been approved.

For any questions, contact the  Information Security Compliance and Training Team.

Principal Investigators (PI)/Managers/Deans/Supervisors must submit a request for training for any researcher or fellow requiring supplemental training that complements the NIH RCR requirement.

How to enroll trainees into the Supplemental Training for Researchers program:

  1. Complete the training request form. (NetID Login required.)
  2. Review training instructions for submitting trainee rosters.
  3. Provide login instructions to all identified enrollees once the training request has been approved.

For any questions, contact the Information Security Compliance and Training Team.

Managers/Deans/Supervisors must submit a request for training for any active staff, faculty, student worker, or guest requiring a review of basic Cybersecurity concepts.

How to enroll trainees into the Cybersecurity Awareness Training program:

  1. Complete the training request form. (NetID Login required.)
  2. Review training instructions for submitting trainee rosters.
  3. Provide login instructions to all identified enrollees once the training request has been approved.For any questions, contact the Information Security Compliance and Training Team.

Family Educational Rights and Privacy Act (FERPA)
If you require information on the Family Educational Rights and Privacy Act (FERPA), please contact University Ethics and Compliance or learn more about FERPA for Faculty and Staff.

Digital resources

View a variety of materials to support compliance training and employee understanding of policies, programs, and related initiatives.

Training inquiries and support

For additional questions or assistance regarding training, or if you would like to explore customized training, please contact the Information Security Compliance and Training Team.

Cyberthreat awareness

Reporting a suspected scam

Think you’ve been scammed? Review actions you should take to report any suspected cyberthreats.

Covid-19 related cyberthreats

See common scams and cyberthreats that have been reported during the COVID-19 pandemic and some tips to avoid them.

Phish Bowl

Cyberthreats are everywhere. Learn how you can avoid phishing scams with these quick tips.