Ithaca College has implemented periodic phishing simulation and online security awareness training for all faculty and staff. IT security training is required by Federal Trade Commission (FTC) regulations under the Graham Leach Bliley Act (GLBA) Safeguards Rule, and our cyber insurer specifically expects phishing simulation training.
Everyone is encouraged to use Outlook's “Report Message” feature to flag suspected phishing messages. If the reported message was a simulation, you will receive a congratulations notice. Reporting actual phishing messages helps us protect our students, faculty, and staff.
Anyone who clicks a link in a simulated phishing message will receive notification that it was a simulation and be provided with some pointers on how to recognize phishing. They will also receive an email notification to complete a 3-5 minute video training. Four times per year everyone will be asked to complete the training, for a total of 20-minutes of training yearly, even if they did not click a phishing link.