Cybersecurity Awareness Training

We all play a critical role in protecting the privacy of data.

Malicious actors are continually probing for weaknesses in our defenses.

Common methods for unauthorized access into our systems are via phishing e-mails, targeting accounts with insecure, reused passwords, and unsecured file storage and devices. Due to the frequency and severity of these attacks, both regulators and cyber liability insurers have mandated that organizations must provide cybersecurity awareness training.

Cornell IT requires all current staff to complete this training on an annual basis.  All new staff should receive an e-mail in the first two weeks of employment with the link to complete this course.  If you do not receive an e-mail notification nor see this training listed when you log into Workday Learning, please contact the Western IT helpdesk.

FY25 Cybersecurity Training and Attestation

  • Link to take ITSO 102 FY25 Cybersecurity Training and Attestation
  • Information about the required training:
    • You will receive an e-mail from Workday Learning <cornell@myworkday.com> when the course has been assigned to you from Cornell.
    • You can also find the course by going to Workday Learning and looking for ITSO 102 in the "Required for You" section.
    • Be sure to allow popups to open in your web browser. Find out how to do that.
    • Allow 24 hours for your Workday Learning record to show that you completed the course.
  • If you do not complete the FY25 Cybersecurity Training and Attestation by the date specified, you will begin to see warnings when you use CUWebLogin to log in to most Cornell services. Non-compliance could ultimately result in an interruption of your access to those services. 
  • For more information: Annual Cybersecurity Training and Attestation | IT@Cornell

THIS COURSE REFERS TO CORNELL-SPECIFIC INFORMATION THAT MAY NOT APPLY TO CCE EMPLOYEES.  PLEASE REVIEW THE BELOW.

  • In the Device Security section of this training:
    • “Verify Your Certified Desktop(s)”  - CCE employees do not use Cornell-owned, certified desktops.   You should not see any computers listed on this page since Cornell does not track our CCE-owned computers.  
      (If you do have a computer listed, it's likely you are working with a Cornell University program and they have allocated you a Cornell-owned computer.  Please reach out to the WSBN IT helpdesk if you have any questions.)

      For the questions in this section, please select the following (see screenshot below).
      • Question 2 - Select “All the Cornell-issued devices I use are listed above.”  (Even though there are no devices listed.)
      • Question 3 - Select “None of the above”
        Uploaded Image (Thumbnail)
  • At the end of the training, you have the opportunity to write in a comment.  To make it clear that we do not use Cornell owned equipment, feel free to paste in:
    • I use an affiliate organization (CCE-owned) device for work, which is joined to the Cornell domain but is not registered to Certified Desktop.

Related information

  • Best Practices | Cornell Cooperative Extension | Staff Site
     
  • Security & Policy | IT@Cornell
     
  • Annual Cybersecurity Training and Attestation | IT@Cornell
     
  • Cornell Verified Communication about Cybersecurity Awareness Training 
    You must be logged in with your NetID to view this page.

  • “Certified Desktop” - This is a package of security tools to protect Cornell University computers.  Currently, CCE computers do not have access to this full software suite but below is a list of the individual tools within Certified Desktop that CCE does utilize right now to protect our computers:

    • CrashPlan – Computer backup software
      Provides secure, real-time backup, archiving, and versioning of files for computers. This helps protect us from ransomware attacks and fraud and streamlines the process of transitioning local files to a new computer.

    • CrowdStrike — Advanced endpoint protection with antivirus and anti-malware
      Software runs in real time and helps prevent malware installation.  It will also notify IT staff if there is potential malware on a computer.

    • Spirion — Confidential data identification software
      Software that allows you to manually scan your computer to identify and remove confidential data, such as Social Security, credit card, or bank account numbers.

CCE Training Resources

Handouts:

CCE webinars:

Print Article

Related Articles (3)

Crashplan - Backup Software (formerly known as Code42)
Crashplan (formerly known as Code42) provides secure, real-time backup, archiving, and versioning of files for computers. This helps protects users from ransomware attacks and fraud, and streamlines the process of transitioning local files to a new computer.
Phishing Education
We all get phishing scam e-mails.  Cornell and Microsoft try their best to block what they can, whilst still allowing legitimate e-mails into our Inboxes.   But what can we do on our end?
Spirion (was Identity Finder)
Scan for confidential data on computers