Security Awareness

In accordance with district policy, personnel (faculty, staff, or any other individual operating on behalf of the district) shall be required to complete security awareness training on a periodic basis.

Personnel with access to privileged accounts or confidential information (as defined in the Long Beach Community College District Data Classification Standard) shall be required to complete additional role-based security awareness training relevant to any compliance and/ or regulatory programs.

Although many see cyber security as a technological problem, the Verizon 2022 Data Breach Report shows that 82% of cybersecurity breaches involve the human element through stolen credentials, phishing, misuse, or simply error. On a daily basis, people throughout the District perform functions that are sensitive in nature while perpetrators constantly search for ways to exploit them. Security awareness training educates personnel on the risks and threats associated with an ever-evolving threat landscape. With relevant training at regular intervals, the risk of common attacks is greatly diminished.

Training Shall Promote Awareness of the Following:

  • Best practices for protecting the confidentiality, integrity, and availability of protected data and information assets.
  • Phishing (whaling, vishing, smishing, etc.), ransomware, and related cyber fraud.
  • Procedures for reporting cyber incidents.

Related Awareness Topics

Post

Protect your password

Administration Regulation 6006 specifically prohibits the sharing of login credentials. Never provide your password to anyone: not your coworker, not your boss, not ITS.

Post

Don’t be a victim of phishing!

Forward all suspicious emails to Report a Phish. No one, not even ITS, should ask for your password or send emails or texts soliciting you to log in with your account. If someone does, they are phishing. If you do give your password to someone, immediately change it in the Viking Portal.