U of R Home
IS
Information Security
Cybersecurity Awareness

Cybersecurity Awareness

Our Commitment to Cyber Security

The University of Regina has partnered with CIRA and Beauceron Security to offer the Cybersecurity Awareness Platform to our users, which is used by 100,000’s of users and is widely adopted in higher educational institutions in Canada.

Information Security Awareness Training

President and Vice-Chancellor, Dr. Jeff Keshen speaks on the importance of Information Security Awareness Training at the University of Regina.

Required Training

Cyber Security Awareness Training Login

University of Regina Employees are encouraged to complete the online survey and training modules.

The Cybersecurity Awareness Training will provide valuable information to help you identify online risks, become more aware of common types of cyberattacks and better equip you to report threats.
This training is not for Students.

The online Cybersecurity Awareness Training will take approximately 1 hour to complete. It can be completed all at once, or your progress can be saved and resumed at a later time.

How do I enroll?

Employees can login to the platform using your University of Regina username and password.
If you're having issues logging in, please contact the IS Service Desk.
There is an initial "Awareness, Attitudes and Perceptions Survey," which will be issued prior to starting training. This seeks to establish a baseline assessment, and takes approximately 5 minutes to complete.
Once the survey is completed, 6 training courses will be assigned. and are required to be completed.

Cyber Security Awareness Training Login

Training Modules Include

Cybersecurity Awareness 100: Introduction

Completion Time

Approximately 15 Minutes

Learning Opportunities

Introduction video
Overview of cybersecurity awareness training.

Cybersecurity Awareness 101: Cybercrime

Completion Time

Approximately 10 Minutes

Learning Opportunities

The rising threat of cybercrime.
How cybercriminals use social engineering to "hack" people and organizations.
How cybercriminals use malicious software.
How to protect yourself and your organization.
Reporting Incidents and Phishing.

Cybersecurity Awareness 102: Hacking Humans

Completion Time

Approximately 10 Minutes

Learning Opportunities

Social Engineering.
Phishing
Phishing Tactics.
Vishing
Smishing
Protect Yourself.

Cybersecurity Awareness 103: Malware and the Cybercrime Toolkit

Completion Time

Approximately 10 Minutes

Learning Opportunities

Malware
Viruses
Trojans
Spyware
Ransomware
Remote Access Tools.
Mobile Device Malware.

Cybersecurity Awareness 104: Securing Yourself

Completion Time

Approximately 10 Minutes

Learning Opportunities

Roles and Responsibilities
Password Protection
Mobile Device Security
Protect Your Data
Physical Security

Cybersecurity Awareness 105: Security at the University of Regina

Completion Time

Approximately 15 Minutes

Learning Opportunities

Security Resources.
Policies and Standards.
BYOD
Antivirus
WiFi Usage.
MFA
Reporting Incidents and Phishing.

CIRA (Canadian Internet Registry Authority)

CIRA provides the solution hosting. See more information about the product that is available.

CIRA Information

Beauceron Security

Beauceron Security specializes in cybersecurity awareness training and is the developer of the training content and platform.

Beauceron Information

Training Platform Highlights

Overview

The platform is Canadian developed, and offers Canadian training content.
The platform is primarily designed to provide a series of cyber security awareness training courses to be offered University of Regina employees. Through surveys, quiz results, and user interaction, the platform will help to gauge the attitudes and awareness of users.
Risk scores allow the measurement of individual, departmental, and organisation risk with scores that go up and down based on training success.
Each user gets a dashboard which shows their training progress summarized as a personal cyber risk score. Your personal cyber risk score represents your cybersecurity knowledge at the time of the initial survey. The cyber risk score can be used to identify future training opportunities and be improved each time you complete an online course or report a phishing email. The lower your cyber risk score is – the more desirable it is.
Phishing simulations are offered by the platform and will be implemented in Phase II of this initiative.
The Cybersecurity Awareness Platform seeks to deliver on the information security stategy, goals, and objectives.

Personal Risk Score

Good security behaviour is reflected in the Personal Risk Score.
The Personal Risk Score allows team members to understand where they are on their cybersecurity journey. They can positively impact their Personal Risk Score by reporting phishes, completing courses and engaging with the platform.

Personal Dashboard

The Personal Dashboard features everything team members need to stay engaged and play an active role in protecting their organization from cyber threats with access to survey, courses, rewards and more all in one place.

Training on Common and Specific Threats

Many common threats and risks are covered in the training content with new content frequently added. Users can consume training specific to their the risks they encounter, and common threats are shared with all users.

Training Strategy, Goals, and Objectives

The University of Regina Information Security Strategy was updated in 2021, and contains a strategic pillar of “Improve Information Security Awareness, Training, and Culture.” This is in response to the rapidly escalating number of cyber-attacks targeting individuals within our university community and our institutional networks and data.

Protecting the information of the institution and all members of the university community is a high priority and a shared responsibility.

Additional needs to improve training and awareness were identified in the November 2021 Centre for Internet Security (CIS) Critical Controls assessment. Current practises do not completely align with standard security frameworks such as CIS.

Additionally, other security frameworks such as, NIST, ISO 27001, COBIT all similarly recommend a comprehensive awareness and training program as part of an organisation’s IT security program.

Cybersecurity Awareness Training Program Goals include

With the launch of the new security awareness program, a focus will exist on common user security concerns such as password selection, appropriate use of computing resources, and social engineering. The training programs will also target tailored training to specific groups.
An important aspect of ensuring compliance with the information security program is the education and awareness of organisational users regarding the importance of and need for information security. The security awareness program will underscore the risks and threats that the University faces, and the role of all users in minimising impacts to the Institution.
Employee awareness should start from the point of joining the organisation (e.g., through induction training) and continue regularly.
Security awareness programs should consist of training, planned to be administered online which includes quizzes to gauge retention of training concepts; coupled with a regular schedule of refresher training.
All employees of the organisation and, where relevant, third-party users must receive appropriate training and regular updates on the importance of security policies, standards and procedures in the organisation.

High Level Cybersecurity Awareness Training Objectives include

At a high level, the objectives of the cybersecurity awareness training program seek to align with security strategy, and include:

Uniform training across the University’s human resources.
Expand training content available to users.
Increase user engagement with ongoing interaction with refresher training and phishing simulation.
Increase end user participation with compliance reporting against targets of enrollment, engagement, and risk scores.