Under review

Cybersecurity Training/Class for Personal Data Protection

Rodney Mort 9 months ago in Innovative Ideas / Training updated by alecjaxob 8 months ago 2

As we've all seen in the news and witnessed firsthand with recent cybersecurity events involving City staff there are bad people out there trying to do bad things with technology.  Being in the IT department I deal with a lot of technology security for work-related systems.  But when I have conversations with people there seems to be a lot of interest and questions about protecting their personal data and I think many staff would appreciate a class or training on this topic.

City staff has already recently been required to take online cybersecurity training focusing on basic security knowledge and especially email phishing and this was great training.

For this new training/class I would envision it adding more knowledge and focusing on personal data protection and could include the following:

  • Why is it important to use a completely different password for every online account you use?
  • What makes a strong password?
  • What is a password manager and why should you use one?
  • Demonstration of some popular password manager apps used from an app on your phone, built in to your phone's keyboard, and used from a web browser plug-in.  Also demonstrating how password managers can allow you to use completely randomized passwords for every account.
  • What is multi factor authentication (aka 2 factor authentication) and why should you use it for your most important accounts like online banking, online financial websites, password managers, and personal email accounts?
  • Why is it so important to secure your personal email account?
  • Acknowledging that these security measures are not as convenient but they are worth it.

The topic of this training would be specific to protecting personal data and it would be a benefit to employees personally, but it would have the added benefit of making City staff more aware and more knowledgeable about technology security which will also benefit the City while they're at work.
Roll Out:
I do not think the training/class should be taught by City IT staff because there could be boundary issues with time spent on personal vs. work-related tasks as there will inevitably be ongoing questions if the class is taught by a City IT staff member.

I think this could possibly be a class similar to the personal health, wellness, and nutrition classes we've had in the Chambers where it focuses on people's personal well being. Or maybe even more similar to the personal financial, retirement, and investment classes we've had.

Or it could also possibly be an online training class that the City pays for and offers to employees as a benefit.

Earn a bachelor's degree in computer science, information technology, cybersecurity or a related field. Or, gain equivalent experience with relevant industry certifications. Pursue an entry-level position in general IT or security. Earn a mid-level role as a security administrator, analyst, engineer or auditor.

Firstly, the purpose of personal data protection isn't to just protect person's data, but to protect the fundamental rights and freedoms of persons that are related to that data. To ensure that personal data is secure, it's important to know what data is being processed, why it's being processed and on what grounds.

Do you want free mobile games on your PC, try Subway surfer now.