Although IT services has a top notch cybersecurity team using the latest technology, for the most part it can only identify and stop known threats. Like other institutions, we have to rely on our employees to be our first line of defense against unknown threats. To ensure our employees have the skills they need to be an effective defense, we mandate annual cybersecurity training for anyone who has a significant impact on the network. This training ensures that employees can keep themselves, their families and the University safe from cyberattack. 

The training is updated every year with the old training course taken down and archived on June 30 and the new course posted on July 1. If you are on leave, you are not required to take the training until your return.  

Mandatory training is enforced by your supervisor. They will receive training status reports for their teams. They are also required to report completion of the training as part of the annual Position Hazard Assessment. Read on to find out if you are required to take cybersecurity training.

Employees 

All employees including contractors and contract instructors are required to complete cybersecurity awareness training upon hire and annually. What training you take depends on whether you are a high value target, if you are a new hire or if you completed training in the past.

Completed training in the past

If you completed awareness training in the past, you will be given an online  pre-test. The questioins on the pre-test are organized into categores. Your performance on the qyestions for that category will determine what online training topics you will be assigned. You may also take the Protecting Yourself Against Cybercrime workshop to complete your training requirement however the workshop will include all training topics. 

Did not complete new hire training last year

If you were not able to complete your new hire training last year, you will be enrolled in it again this year. You may also take the Protecting Yourself Against Cybercrime workshop to complete your training requirement.

New HIre

If you are new to Mount Royal University, you are required to complete an introductory awareness training course. You may either take a workshop or complete the training online. Your training status is stored in your training profile in our Security Education Platform. Therefore even if you choose to take a workshop, you must enroll in online training first. Once you complete your workshop your training profile will be manually updated to show your mandatory training has been completed and your online training assignment will disappear.

High Value Target

High value targets are people whose role requires them to have privileged access to the network, sensitive information or financial data. They are targeted by attackers at a greater rate and therefore our auditor requires they receive specialized training in addition to standard awareness training. Those in senior management, HR, payroll, finance, supply chain and who handle payment card data are all considered high value targets and are assigned additional online training modules specific to their role. These modules must be completed online.

Alumni 

Alumni are not required to take cybersecurity training but if they would like to improve their cybersecurity knowledge, they are welcome to attend a cybersecurity awareness workshop.

If you have any questions about the cybersecurity awareness training program please contact us at securityawareness@mtroyal.ca.