How Forta’s Terranova Security helped improve security for a Canadian university – Technology Record

    Published on:

    Alice Chambers |

    According to Universities Canada, Canadian universities enroll approximately 1.4 million full-time and part-time students and more than 47,000 staff members each year. Each of these universities stores a lot of sensitive data on their IT systems, including personally identifying data about individuals and information about their own research, finances, physical security operations, and more.

    Additionally, there are hundreds of opportunities for open information sharing, from sending emails to filing reports. For this reason, higher education institutions are one of the main targets for cyberattacks such as phishing emails. Microsoft Digital Defense Report 2023.

    That's why university IT teams have made security awareness training for both staff and students an urgent priority in recent years.

    “Students are effectively born with technology in their hands, but with no information about security,” says the top Canadian university, which has chosen Fortra's Terranova Security to secure its digital ecosystem. says the Chief Information Security Officer (CISO).

    While working with Fortra, the university had 40,000 students and nearly 7,000 faculty members, and many courses were taught and delivered in two different languages. University members frequently receive phishing emails that circumvent standard cybersecurity barriers, highlighting the critical need to educate the entire university community about the growing threat of cyberattacks.

    At the time, on-campus cybersecurity training was not mandatory. In some cases, people were hesitant to participate in the simulation exercise because they feared the repercussions of failing the phishing email simulation. As a result, departments across campus refused to take simulation tests. This is because they believed that simulation tests were too realistic and could have a negative impact on daily communication. But the CISO says: “You have to give people the right to make mistakes.”

    To overcome this challenge, university CISOs, IT teams, and other stakeholders need multiple end-user training courses, training campaign monitoring, detailed reporting and customizable phishing assessments to change unsafe online behaviors. Implemented a complete Fortra solution, including performance measurement with. . They first deployed and presented modules from Fortra's course library to universities in a series of campaigns. The university selected 12 modules for a diverse audience based on the customization features essential to the success of the training program. Security team leaders focused on rolling out training courses that best fit within the existing culture.

    “Until last year, we were focused on people. Now we are targeting the entire community, including students,” says the CISO.

    The goal was to first document high participation in a security training campaign rolled out to staff and faculty. The training was conducted in a safe environment, utilizing modular content that engages all generations. As a result, participants freely participated in the training course without fear of negative consequences. The university also leverages Fortra's Awareness Platform, which allows program administrators to manage campaigns and course deployment with near real-time reporting on course completion metrics. We have customized the assessment difficulty level to accommodate a wide range of knowledge bases and aptitudes.

    After implementing the training program, the university observed a 5% increase in staff participation. After the university's student training campaign, the CISO reported that out of an estimated total student population of 40,000, he reached 17,000 and recorded a participation rate of over 42%.

    University CISOs who have benefited from Fortra's training, learning management, and assessment solutions plan to continue collaborating with the company's cybersecurity experts. By working together, both parties can further optimize training solutions based on key metrics and campaign results.

    This article was originally Winter 2023 issue Technical records. Sign up for a free subscription to have future issues delivered straight to your inbox.


    Leave a Reply

    Please enter your comment!
    Please enter your name here