Who has to take training

Who has to take training?

Cybersecurity threats are constantly evolving, and each of us plays a critical role in protecting Mount Royal University from malicious attacks. Every day, cybercriminals attempt to breach our systems — in an average month, our University firewall blocks hundreds of millions of attacks, and tens of thousands of phishing emails make it to inboxes despite our security measures. As a user of our network, you are the first line of defense against threats to your data and that network.

To prepare you to be that line of defense. Mount Royal delivers infomative and engaging cybersecurity awareness training through the CIRA Security Awareness Training platform. This training platform uses a risk score to inform you of your vulnerabillity to a cyber attack. To ensure you have the skills you need, you are required to mainain a risk score at or below 650. You lower your score through training, reporting phishing training emails and participating in cybersecurity themed activities.

In addition, everyone who is employed by the University is enrolled in monthly phishing training. This ensures that you are well prepared to thwart a cyberattack. Together we can keep ourselves, our families and the University safe from cyber criminals.

Training courses are assigned depending on whether you are a high value target, handle payment card data, are a new hire or have completed training in the past.

New hIre

If you are new to Mount Royal University, you will be automatically enrolled in an introductory awareness training course. Upon enrollment, you will be sent a notificaiton email with a link to the CIRA Security AwarenessTraining platform. Even though enrollment is automatic, sometimes the process is delayed. You will have one month to complete the training, If you receive an error message when you attempt to logon to the Platform, please notify us by emailing securityawareness@mtroyal.ca.

Completed training in the past

If you completed awareness training in the past, you will be assigned refresher training. This short training assignment is desiged to keep your skills sharp and inform you of new cyber threats. The sooner you complete your training, the greater the affect on your risk score.

High value target

High value targets are people whose role requires them to have privileged access to the network, sensitive information or financial data. They are targeted by attackers at a greater rate and therefore our auditor requires they receive specialized training in addition to standard awareness training. Those in senior management, HR, payroll, finance, ITS and procurement are all considered high value targets and are assigned additional online training modules specific to their role.

Handle payment card data

Those who process customer payments have access to payment card data and must follow the standards and requirements set by the Payment Card Industry (PCI). One of those requirements is to receive PCI specifc training. If you are new to the role, you will be assigned introductory training which must be completed before you start processing payments. After that training is complete, you will be assigned refresher training every August 15 which must be completed by June 15 of the following year. Enrollment in the training is not automatic, you must request it. You can request enrollment for yourself or on behalf of someone else. To request enrollment, please complete the registration form.

To access the training:

1. Open a browser.

2. Enter https://mtroyal.cyberaware.d-zone.ca/ into the address bar. A login screen appears.

3. Login to the training platform using your MRU workstation login credentials. Your training dashboard appears.

4.Complete your assigned training listed under Outstanding Tasks.

5. Add additional training courses of your choosing by clicking the Add Course button on the Education tab.

Please note:

The sooner you complete your training after it has been assigned, the lower your risk score will go.

If you have any questions about the cybersecurity awareness training, please contact the IT Training Security Analyst at 403.440.6329 or securityawareness@mtroyal.ca

Cybersecurity workshops

Does your team learn better from a live instructor? We offer workshops on a variety of cybersecurity topics for groups of 8 or more. This is an informative and fun way to get your team together to earn some rewards and lower their risk scores. If you would like to arrange a live workshop either in-person or virtually, please contact the IT Security Training Analsyt at securityawareness@mtroyal.ca to submit your request.