Colorado State University

Good morning,

The Division of Information Technology (DoIT) is implementing an Annual Cybersecurity Training program. Some of you may have received, or will receive, a similar email from your department/college IT Director and I apologize for the duplication. However, I feel it is important to emphasize that you, as someone who has access to ARIESweb and/or the Banner Administrative Pages, seriously consider completing the cybersecurity training even if you are not identified by DoIT as someone who is required to do so. These systems give you access to student information; most of which is protected by the Family Educational Rights and Privacy Act (FERPA), and some of which is sensitive in nature (such as Personally Identifiable Information like Social Security Numbers and birthdates). Protection of the university Student Information System is critical; a data breach would be catastrophic to university operations.

The rest of this message is from the DoIT Information Security team. Please take a moment to read through it and note that some of you may be identified by DoIT as individuals with access to sensitive information and will be required to complete the training. DoIT will send you a separate email if you are one of those selected.

From DoIT:

In today’s world, cybersecurity is constantly top of mind. The first step to a secure environment is knowledge and arming individuals with the tools to protect themselves. To help educate our community, the Division of IT is excited to announce the launch of the CSU System’s Annual Cybersecurity Training series and we are counting on you to do your part and participate in this vital preventative action.

What is the Annual Cybersecurity Training?
• The training is a self-paced online series that will walk users through several videos with checkpoints
• The training is hosted on the Litmos platform and can be accessed through the Cybersecurity webpage or going directly to Litmos
• Individuals should see the training populated in their profile

Why are we strongly encouraging it?
• Best practices in IT Cybersecurity show that educating individuals is the first line of defense in recognizing attempts and preventing attacks
• The training covers a variety of topics that every individual should know in order to safeguard our information
• This training is part of the IT Strategic Plan in order to enhance our security profile

What Actions do I need to take?
• Every researcher, faculty, and staff member is encouraged to complete this annual training
• Some individuals are required to complete this training and will receive a separate notice from the Division of IT
• This training is already assigned to you through the Litmos platform

When is the deadline to complete it?
• All required individuals must complete the training no later than December 22
• For those who are encouraged, we ask that this is done by January 31, 2024
• This training will occur on a rolling, annual basis

We appreciate your partnership in this and welcome any feedback on the training. Please don’t hesitate to reach out to me or Kelly Poto with questions or thoughts.

Jerry Becker, PMP, SCO, MAJ USA RET
Associate Registrar
Veterans Education Benefits and SIS Security & Reporting
1063 Campus Delivery, Fort Collins, CO 80523-1063
Registrar.colostate.edu