Strategic Program
Security Awareness & Phishing Resilience
Reduce human-factor breach probability across faculty, staff, and high-risk administrative roles
Risks: R-1, R-5
Executive Sponsor: President / CISO
Program Owner: CISO / IT Director
Budget: $18K-$25K/yr
Status: Year 1 Planned
Program Objectives
1. Deploy KnowBe4 or Proofpoint Security Awareness Training platform
2. Establish quarterly phishing simulation program with baseline measurement
3. Mandate annual FERPA and cybersecurity training for all employees
4. Implement dedicated training track for high-risk roles (finance, DSO, IT admins)
5. Achieve phishing click-through rate below 5% by Month 12
Phase 1
Months 1-3
- Vendor selection
- SSO integration
- Baseline phishing simulation
Phase 2
Months 4-6
- First full simulation cycle
- Role-based training tracks
- FERPA module for Banner users
Phase 3
Months 7-12
- Monthly micro-training
- Quarterly trend reporting
- Annual compliance certification
Expected Outcomes
- Click-through rate below 5%
- 100% staff training compliance
- Reduced BEC incident volume
Success Metrics
- Phishing click-through rate
- Training completion %
- BEC incident count