Cyber Awareness training

New training reporting option for Managers now available in Workday. See the How do I access my team's training report in Workday? FAQ below.

Cyber Awareness and Research Security training offerings from Information Security Services (ISS)

Information Systems & Technology (IST) has procured a suite of Cyber Awareness Training courses that provide an important foundation of common knowledge regarding cybersecurity awareness for all employees and researchers. Course details are below.

Faculty and staff will be required to complete two short courses focusing on core cyber awareness essentials, data privacy and security, and other important topics.
Additional, specialized courses will be made available to University researchers (completion is highly recommended).
Courses should be completed by all current employees by July 1, 2024, and will be offered on a recurring basis in the future.
Employees without regular access to or use of a computer will have the opportunity for in-person training as an equivalent to the online courses.

To register

Visit LEARN to self-register for these courses.
Select the self-registration option.
Scroll to select the desired course and follow the registration steps.

Course offering

Cyber Awareness Essentials

Course: Cyber Awareness Essentials

Developed by: SANS Institute

Length: 30 minutes

Audience: Everyone

Topic: Introduction to Cyber Security

Description: This introductory course delves into the topic of cyberattacks that exploit human vulnerabilities to bypass technological defenses and gain access to sensitive data and information. However, with the right knowledge and awareness, individuals can identify and report signs of potential attack. Through this course, learners will be encouraged to develop a strong cyber shield and improve their cyber-detection skills, both while working on campus, at home or in their everyday lives.

Safeguarding your research

Course: Safeguarding your research

Developed by: Government of Canada

Length: 45 minutes

Audience: Researchers

Topic: Introduction to Research Security

Description: This introductory research security course emphasizes on the need to balance research openness with necessary protection, considering the potential uses of the research and the lengths to which others may go to acquire it. The course provides a deeper understanding of why research security matters and empowers learners to recognize potential risks and develop effective mitigation tools and strategies in collaboration with institutional or expert support. This course provides a valuable foundation for anyone involved in research and emphasizes the importance of a proactive and strategic approach to research security.

Cyber Awareness for Knowledge Workers

Course: Cyber Awareness for Knowledge Workers

Developed by: SANS Institute

Length: 20 minutes

Audience: Knowledge Workers

Topic: Privacy and Data Security

Description: This course, specifically designed for knowledge workers, offers a comprehensive overview of the importance of safe data-handling practices and privacy principles throughout the data lifecycle. Learners will gain a deeper understanding of the critical role security controls such as encryption play in protecting sensitive information from advance targeted attacks. By completing this course, knowledge workers will be better equipped to navigate the complex landscape of data security and privacy.

Cyber Security for Researchers

Course: Cyber Security for Researchers

Developed by: Innovation, Science and Economic Development (ISED) Canada and SANS Institute

Length: 45 minutes

Audience: Researchers

Topic: Introduction to Research Cyber Security & International Travel

Description: This introductory research cyber security course offers a comprehensive overview of the current cyber threat landscape, providing valuable insights and practical advice on how to maintain good cyber hygiene practices while working or traveling internationally. By completing this course, participants will be equipped with the knowledge and tools necessary to recognize and implement the systems and practices required to ensure the safe handling, storage, and transmission of sensitive research data. Learners will gain a deeper understanding of the importance of cyber security in the research field and how to best protect themselves and their valuable data.

Training help

Please contact Information Security Services for questions or concerns about ISS-offered training.

Training FAQs

Which cyber awareness courses should my staff take?

Cyber Awareness Essentials : All Employees: staff, faculty, contract, full-time, part-time, etc.
Cyber Awareness for Knowledge Workers: All Employees, staff, faculty, contract, full-time, part-time, etc. that work with UWaterloo information. Examples of employees that could be exempt are custodial services, food services, grounds services, etc.

Research Security training

Cyber Security for Researchers: All Employees, staff, faculty, contract, full-time, part-time, etc. that work with UWaterloo research data or support researchers
Safeguarding your Research: All Employees, staff, faculty, contract, full-time, part-time, etc. that work with UWaterloo research data or support researchers.

How will I know when staff have completed their training?

Completion of all four cybersecurity courses is automatically tracked and recorded for employee compliance in Workday. Management can view confirmation within 48hrs of the employee’s completion. Information Security Services will notify management of employees not in compliance after the July 2024 deadline.

How do I view an individual staff's training record in Workday?

You will see a list of your reports.

Click “Team Highlights”

Click the employee’s name.

Click on “Career” to see your staff’s training record.

What is the consequence if employees do not complete the courses by the July 1 deadline?

Like any mandatory training, completion of necessary courses is a job requirement, and enforcement is up to supervisors/managers.

Is there a certificate at the end that they can copy and send me?

When participants pass the courses, they will receive a LEARN Award immediately followed by a confirmation email within 24 hours. Confirmation of completion will be recorded within 48 hours (about two days) of completion in Workday, viewable by management

Do participants need to take a screenshot to prove completion?

Participants may take a screenshot of their LEARN Award if they wish to, but it is not required to prove completion.

Do students (Grad/Undergrad) need to take these modules as well?

Only students (Grad/Undergrad) who are employed and/or in a co-op placement with Waterloo should complete the training. Graduate students actively involved in teaching should complete the two cyber awareness courses and those involved with research should also complete the two research training courses.

How do I register for a LEARN course?

Log in to LEARN using your WatIAM credentials.
Click ‘Self-Registration’.
Find the name of the course and click on it.
Click the Register button.
Click the Submit button.
Click the Finish Button
Then click either ‘Register for another course’ or click the name of the course to begin or click the Done button to return later.

How do I view my grades and awards in LEARN?

Viewing grades: While logged into LEARN and in the desired course, click “Grades” in the top menu.

Viewing awards: While logged into LEARN and in the desired course, click “Resources” in the top menu, and select “Awards” from the drop-down menu.

How do I view my training record in Workday?

Click on the Profile icon in the top right corner.

Click on the ‘View Profile’ button.

Click on “Career” in the blue menu on the left, you may need to click ‘More” to see the “Career” option.

How do new employees find out about this mandatory training requirement?

It is the hiring managers' responsibility to ensure their new employees are aware of the mandatory cybersecurity training courses.

If an employee has recently taken the cybersecurity training courses, do they need to retake courses by July 1?

If the employee’s completion of the mandatory courses is displayed in Workday, then the employee is not required to complete the training again until the next training campaign.

How do I access my team's training report in Workday?

Your access to reports and the ability to view other’s training records will depend on the reporting structure defined in Workday. Managers and timekeepers can view the report in Workday by typing My Team's Learning Transcript in the main search bar. Alternatively, new report has been created in Workday called UW Mandatory Training. This report will allow Managers to see their direct reports as well as their report's subordinates.

Accessing reports

There are three ways to access reports available to managers and timekeepers:

From the Workday homepage, select View All Apps to click the Manager Reports application.
Search Manager reports in the main Workday search bar and select from the list of search results.
Type the report name UW Mandatory Training in the main Workday search bar.

To run the report, the Manager will need to select the organization they would like to see and then check whether they want subordinates included. You can use your own name, the sub org manager's name or the organization name to find the organization you would like to view.

Important notes

Reports cannot be delegated. Most reports can be downloaded to Excel so you can share them if appropriate.
If someone other than a Manager is tracking the training completion it would be the Manager's responsibility to share the reports with the employee being tasked with the job.
If these reports do not fulfill your reporting requirements, please send an email to DL-ist-securityawareness@uwaterloo.ca with as much detail as possible and we can explore different options to attempt to fulfill the business need.

Additional resources