In accordance with district policy, personnel (faculty, staff, or any other individual operating on behalf of the district) shall be required to complete security awareness training on a periodic basis.
Personnel with access to privileged accounts or confidential information (as defined in the Long Beach Community College District Data Classification Standard) shall be required to complete additional role-based security awareness training relevant to any compliance and/ or regulatory programs.
Although many see cyber security as a technological problem, the Verizon 2022 Data Breach Report shows that 82% of cybersecurity breaches involve the human element through stolen credentials, phishing, misuse, or simply error. On a daily basis, people throughout the District perform functions that are sensitive in nature while perpetrators constantly search for ways to exploit them. Security awareness training educates personnel on the risks and threats associated with an ever-evolving threat landscape. With relevant training at regular intervals, the risk of common attacks is greatly diminished.
Training Shall Promote Awareness of the Following:
- Best practices for protecting the confidentiality, integrity, and availability of protected data and information assets.
- Phishing (whaling, vishing, smishing, etc.), ransomware, and related cyber fraud.
- Procedures for reporting cyber incidents.