Information Security Training | Information Technology | University of Pittsburgh
!

Information Security Training

Pitt Information Technology has a robust array of security measures and centralized security controls to protect the University's network and its data. But we also need your help—everyone affiliated with Pitt shares the responsibility of protecting the University's computing environment. One of our goals is to provide you with the knowledge and tools needed to protect yourself and the University from cyber threats. 

We now have an exciting new addition to our portfolio of security awareness resources. All faculty, staff, and student workers have access to online training from the highly regarded SANS security training library. This training will help you better understand and utilize security best practices, making you better prepared to protect yourself and the University. 

Access Pitt IT Information Security Training >

Course Offerings

Security Essentials

The cornerstone of our awareness training, this collection of live-action videos covers a range of security topics based on NIST 800-50, including social engineering, malware, phishing, passwords, targeted attacks, social networks, mobile devices, browsing, data security, and hacking.  

  • Approximate duration: 50 minutes 
  • Prerequisites: None 
  • Continuing Education: 1 credit 

Security Extras 

This supplemental course follows the same live-action format as Security Essentials but covers additional topics, including encryption, working remotely, insider threats, physical security, cloud security, and home cybersecurity. 

  • Approximate duration: 30 minutes 
  • Prerequisites: Security Essentials 
  • Continuing Education: 0.5 credit 

Applied Security Essentials 

This interactive course challenges you to apply the knowledge gained from Security Essentials, including social engineering, malware, phishing, passwords, targeted attacks, social networks, mobile devices, browsing, data security, and hacking.  

  • Approximate duration: 40-50 minutes 
  • Prerequisites: Security Essentials 
  • Continuing Education: 1 credit 

FISMA Supplement 

The Federal Information Security Management Act (FISMA) refers to legislation that defines a comprehensive framework to protect government information, operations, and assets. This training supplement is based on NIST 800-53 and reviews standards and best practices for safeguarding government data regulated by FISMA.  

  • Approximate duration: 15 minutes 
  • Prerequisites: Security Essentials 

IT Staff Supplement 

Following the same format as Security Essentials, this training supplement includes additional topics for IT staff, such as client support and privileged access.   

  • Approximate duration: 10 minutes 
  • Prerequisites: Security Essentials 

PCI DSS Supplement 

The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through improved credit card data control.  This training supplement covers information essential for the secure handling of payment card data. 

  • Approximate duration: 5 minutes 
  • Prerequisites: Security Essentials 

Email and Phishing 

More than 90% of data breaches start with a phishing attack. Phishing is effective because email filters and antivirus can not stop all phishing, and it targets what is often the weakest point in any organization, the people. However, people who recognize these attacks can be the most vital point of defense against phishing. This interactive mini-course explains how a phishing attack works, how to recognize one, and how to respond if this type of scam targets you. 

  • Approximate duration: 15-20 minutes 
  • Prerequisites: None 

Travel and Remote Work 

This live-action mini-course covers security best practices for business travel and working remotely.  The topics include international travel, working remotely, and mobile devices. 

  • Approximate duration: 15 minutes 
  • Prerequisites: None