Who has to take training

Who has to take training?

Cybersecurity threats are constantly evolving, and each of us plays a critical role in protecting Mount Royal University from malicious attacks. Every day, cybercriminals attempt to breach our systems — in an average month, our University firewall blocks hundreds of millions of attacks, and tens of thousands of phishing emails make it to inboxes despite our security measures. As a user of our network, you are the first line of defense against threats to your data and that network.

To prepare you to be that line of defense. Mount Royal delivers infomative and engaging cybersecurity awareness training through the CIRA Security Awareness Training platform. This training is mandated upon hire and annually for anyone who has a significant impact on the network. In addition, everyone who is employed by the University is enrolled in monthly phishing training. This ensures that you are well prepared to thwart a cyberattack. Together we can keep ourselves, our families and the University safe from cyber criminals.

Training courses are assigned depending on whether you are a high value target, handle payment card data, are a new hire or have completed training in the past.

New hIre

If you are new to Mount Royal University, you will be automatically enrolled in an online introductory awareness training course. Upon enrollment, you will be sent a notificaiton email with a link to the CIRA Security AwarenessTraining platform. Even though enrollment is automatic, sometimes the process is delayed. You will have one month to complete the training, If you receive an error message when you attempt to logon to the Platform, please notify us by emailing securityawareness@mtroyal.ca.

Completed training in the past

If you completed awareness training in the past, you will be assigned refresher training. This short training assignment is desiged to keep your skills sharp and inform you of new cyber threats. You will have until June 15 to complete the training.

High value target

High value targets are people whose role requires them to have privileged access to the network, sensitive information or financial data. They are targeted by attackers at a greater rate and therefore our auditor requires they receive specialized training in addition to standard awareness training. Those in senior management, HR, payroll, finance and supply chain are all considered high value targets and are assigned additional online training modules specific to their role.

Handle payment card data

Those who process customer payments have access to payment card data and must follow the standards and requirements set by the Payment Card Industry (PCI). One of those requirements is to receive PCI specifc training. This training must be completed before you start processing payments as well as annually. Enrollment in the training is not automatic, you must request it. You can request enrollment for yourself or on behalf of someone else. To request enrollment, please complete the registration form.

To access the training:

1. Open a browser.

2. Enter https://mtroyal.cyberaware.d-zone.ca/ into the address bar. A login screen appears.

3. Login to the training platform using your MRU workstation login credentials. Your training dashboard appears.

4. In the Outstanding Tasks list, you will find your assigned training.

Please note:

To get the most out of your training, complete it a little at a time rather than all in one sitting.

If you have any questions about the cybersecurity awareness training, please contact the IT Training Security Analyst at 403.440.6329 or securityawareness@mtroyal.ca

Cybersecurity workshops

Does your team learn better from a live instructor? We offer workshops on a variety of cybersecurity topics for groups of 8 or more. This is an informative and fun way to get your team together to complete the annual training. If you would like to arrange a live workshop either in-person or virtually, please contact the IT Security Training Analsyt at securityawareness@mtroyal.ca to submit your request.