At UC Davis, required cybersecurity training is off to a good start

Numbers updated Nov. 16

As of mid-November, about 6,000 people at UC Davis had completed the University of California's newly required cybersecurity awareness training. Another 2,100 had begun it.

The feedback has been generally good, said Dewight Kramer, an information security consultant at UC Davis who regularly talks with business managers, technologists, instructors, and others across campus as part of his job.

The video training is organized into several short segments, each followed by a few simple questions. Completing it takes about 50 minutes. UC announced last month that all faculty, staff and student employees must complete the training by Jan. 31, 2016.

"It is not just a PowerPoint with someone reading the bullets," Kramer said. "It is an animated short that takes the concepts and turns them into stylized visuals. Overall, people have enjoyed this format."

"Some have mentioned that the tests at the end of each segment were too simple," he said. "In particular, one faculty member said the course was not good because the test was too easy. My response is that this is awareness training, not skill or deep knowledge training, and as such, having an easy test to reinforce the basic points is preferred to a hard test."

Others dislike the mandate, even if they might understand the need for it. Every month seems to bring news of fresh hacks, breaches, and information thefts somewhere. The harm they cause can be huge, and the UC is not immune. Knowing the basics of information security is no longer optional.

UC Davis has offered free cybersecurity awareness training for more than a year. It's similar to the new training, but taking it was voluntary, and only about 600 people have.

To take the UC required training, please visit the UC Learning Center, lms.ucdavis.edu.