Cybersecurity Awareness Training

Summary

All CCE staff are required to complete Cornell University’s Cybersecurity Awareness online training on an annual basis. This article provides instructions for accessing the training, highlights specific guidance for Cornell Cooperative Extension employees, and offers additional resources related to cybersecurity best practices and tools.

Body

We all play a critical role in protecting the privacy of data.

Malicious actors continually probe for weaknesses in our defenses.

Common methods for unauthorized access into our systems are via phishing e-mails, targeting accounts with insecure, reused passwords, and unsecured file storage and devices. Due to the frequency and severity of these attacks, both regulators and cyber liability insurers have mandated that organizations must provide cybersecurity awareness training.

Cornell IT requires all current staff to complete this training on an annual basis.  New staff will receive an email within the first two weeks of employment containing a link to complete this course.  If you do not receive an e-mail notification nor see this training listed when you log into Workday Learning, please contact the Western IT helpdesk.

Accessing the FY25 Cybersecurity Training and Attestation

  • Link to take ITSO 102 FY25 Cybersecurity Training and Attestation
  • Information about the required training:
    • You will receive an e-mail from Workday Learning <cornell@myworkday.com> when the course has been assigned to you from Cornell.
    • You can also find the course by going to Workday Learning and looking for ITSO 102 in the "Required for You" section.
    • Be sure to allow popups to open in your web browser. 
    • Allow 24 hours for your Workday Learning record to show that you completed the course.
  • If you do not complete the FY25 Cybersecurity Training and Attestation by the date specified, you will begin to see warnings when you use CUWebLogin to log in to most Cornell services. Non-compliance could ultimately result in an interruption of your access to those services. 
  • For more information: Annual Cybersecurity Training and Attestation | IT@Cornell

Specific Instructions for Cornell Cooperative Extension Employees

NOTE: This course includes Cornell-specific information that may not apply to Cornell Cooperative Extension employees.
Please review the following guidance carefully.

  • Device Security section:
    • “Verify Your Certified Desktop(s)”  - CCE employees do not use Cornell-owned, certified desktops.   You should not see any computers listed on this page since Cornell does not track our CCE-owned computers.  
      (If a computer is listed, it likely means you are working with a Cornell University program that has allocated a Cornell-owned computer to you.)

      For the questions in this section, please select the following options (see screenshot below).
      • Question 2 - Select “All the Cornell-issued devices I use are listed above.”  (Even though there are no devices listed.)
      • Question 3 - Select “None of the above”
        Uploaded Image (Thumbnail)
  • At the end of the training, you have the opportunity to write in a comment.  To make it clear that we do not use Cornell owned equipment, feel free to paste in:
    • I use an affiliate organization (CCE-owned) device for work, which is joined to the Cornell domain but is not registered to Certified Desktop.

Cornell Resources

  • Security & Policy | IT@Cornell
     
  • Annual Cybersecurity Training and Attestation | IT@Cornell
     
  • Cornell Verified Communication about Cybersecurity Awareness Training 
    You must be logged in with your NetID to view this page.

  • “Certified Desktop” - This is a package of security tools to protect Cornell University computers.  Currently, CCE computers do not have access to this full software suite but below is a list of the individual tools within Certified Desktop that CCE does utilize right now to protect our computers:

    • CrashPlan – Computer backup software
      Provides secure, real-time backup, archiving, and versioning of files for computers. This helps protect us from ransomware attacks and fraud and streamlines the process of transitioning local files to a new computer.

    • CrowdStrike — Advanced endpoint protection with antivirus and anti-malware
      Software runs in real time and helps prevent malware installation.  It will also notify IT staff if there is potential malware on a computer.

    • Spirion — Confidential data identification software
      Software that allows you to manually scan your computer to identify and remove confidential data, such as Social Security, credit card, or bank account numbers.

CCE Resources

Handouts:

CCE webinars:

Details

Details

Article ID: 5815
Created
Thu 8/17/23 2:27 PM
Modified
Thu 12/11/25 11:39 AM

Related Articles

Related Articles (3)

Crashplan - Backup Software (formerly known as Code42)
CrashPlan (formerly Code42) offers secure, real-time backup, archiving, and file versioning for computers. It also helps protect users against ransomware and fraud while simplifying the migration of local files to a new device.
Spirion (was Identity Finder)
Scan for confidential data on computers
Western - Phishing Education
We all get phishing scam e-mails.  Cornell and Microsoft try their best to block what they can, whilst still allowing legitimate e-mails into our Inboxes.  But what can we do on our end?