Comment on Mentorship Monday - Discussions for career and learning!
arcosenautic@lemmy.world 5 months agoI work at an educational institution that doesn’t really prioritize security, or anything IT related for that matter. We are a very small team (3 people) and we can’t really enforce any institution-wide training. We send regular PSA emails and that’s about it.
Of course, we have control over password policies and external access through workspace management tools, but we don’t have control over a lot of higher-up decisions. I wish I could enforce even stricter password policies but it’s just not possible for the higherups.
I was thinking of raising funding for some sort of cybersecurity day event at the institution, but when it comes to funding, you know how generous educational institutions are.
scytale@lemm.ee 5 months ago
Ah, yeah I feel you. That’s indeed an uphill climb especially if the higher ups themselves do not support you. I think a cybersecurity event is a good way to do it. If you end up getting smaller funding, you can also do short brownbag meetings with free snacks and/or giveaways. Free stuff is always an incentive for people to attend. Keeping events short (30 minutes or less) also helps. Then make your presentations interactive, instead of just lecturing do’s and dont’s to employees. Do scenario based discussions and let employees come up with ideas/solutions. That reinforces the knowledge if they “come up with the answers” and you validate them.