Cybersecurity Education

We have consolidated Cybersecurity for You (C4U) and security awareness web pages to this location under the name of "Cybersecurity Education." As a result, cybersecurity events, educational opportunities, Security Coordinator resources, Security Community agendas, and more are available in one place.

You can request time to schedule Security Coordinator onboarding sessions, role-based training, or general security training by sending an email to securityawareness@osu.edu.

Security Community Agendas

Request in invitation by sending an email to securityawareness@osu.edu.

Next Security Community meeting: February 19, 2026

Agenda coming soon

Past Agendas

January 15, 2026

Digital Security and Trust Updates
- Google’s Data Protection
- Duo Certificate Authority Change
Test your AI Security Smarts: Quiz Winners
December Phish Simulation Results
2026 IDP Training

IT16 Training Options

OTDI's Digital Security and Trust's (DST) IT16 policy requires annual training to ensure users are educated about cybersecurity risks.

IT16 - User-related Risk ensures users are aware of security threats and behavior that makes them vulnerable, and capable of performing information security-related roles.
IT16.1 - Information Security And Privacy Awareness states all users must participate in a minimum of one hour per year of information security and privacy awareness programs.
IT16.2.1 - Institutional Data Training requires all users who access S4 Restricted data to complete

IDP Annual Training

DST requires a minimum of two hours of training annually.

IT16.2.2 - Role-based Information Security and Privacy Training
IT16.2.3 - Regulation Control-Based Information Security And Privacy Training

The "Resources" tab below provides training resources to assist in meeting the training requirements in IT16.

Resources

IDP Annual Training (BuckeyeLearn) - Required for those who have access to S4 (Restricted) information
Security and Awareness Training (update coming...more to follow soon)
1. View the Curriculum page from your browser: (new link soon)
2. Click “Register”
3. Enjoy the training courses together, or individual, as conveniently as your time permits
4. When all courses are complete, return to your transcript. The course should show as “complete”
LinkedIn Learning - Ohio State faculty and staff have 24/7 free unlimited access to LinkedIn Learning which allows you to learn at your own pace. There are 30-70 new courses added weekly which are relevant to your current role.
Security Community meetings - held monthly, these events discuss developments across the security landscape, work being done to protect the university, and general security discussions. Send an email to securityawareness@osu.edu to request an invitation.

Security Coordinator Resources

The Ohio State IT Security Policy specifies the requirement for establishing security representatives from colleges, units, and campuses. The security representative, known as the Security Coordinator, serves as the unit liaison with Digital Security and Trust (DST) for security-related matters and activities, and is responsible for the execution of security activities in their college or unit.

Security Coordinator resources:

Cybersecurity Events

Cybersecurity Days

This section details our collaboration with the BIG10 Academic Alliance (BTAA) to celebrate October as National Cybersecurity Awareness Month. Check back closer to October 2026 for updated events.

Contact cybersecuritydays@osu.edu if you have questions or want to provide feedback.

Past Agendas

2025

Join the Cybersecurity Gameshow

Wednesday, Oct. 1, 2025 - 1:30-2:30 p.m.

All users cam benefit from good cyber skills and we’re here to put your mind through the motions! Join us for a turbocharged game show in a friendly competition with other Big Ten colleges. Power up with essential info and practical techniques to safeguard your digital life.

BTAA CISO Panel: Securing the Mission: Building Awareness and Resilience in Higher Ed

Thursday, Oct. 9, 2025 - 2-3 p.m.

IT professionals know that higher education institutions face security challenges that demand thoughtful, coordinated responses across many of our distributed environments. Addressing these challenges effectively requires not only structure and leadership but also a shared understanding of the complexity that underpins our work, all the while meeting the mission of teaching, learning and research. Our panelists will cover topics related to risk within our organizations, how to build and deliver a strong security awareness program and culture, and where they see the security space evolving to further educate and promote security in the higher education space.

Scary Cyber Tales: Don’t Let Your Data Go Bump in the Night

Wednesday, Oct. 22, 2025 - 2-3 p.m.

All users can benefit from this event, which is a spine-chilling journey into the real-life dangers of the digital world. We’ll share real-world stories of cyberattacks, data breaches, and online scams that will make you think twice about your digital security. Learn about the most common threats, from phishing and ransomware to malware and social engineering, and get practical tips on how to protect yourself. Join our team of cybersecurity experts for an hour of spooky tales and essential security lessons to ensure your digital life doesn’t turn into a scary cyber tale!

Rachel Tobac: Exploiting Trust - The Human Element of Security

Wednesday, Oct. 29, 2025 - noon -1 p.m.

IT professionals know that it only takes 1 email, a 30 second call, or 1 social media DM for her to hack you and gain access to your money, data, and systems. Meet Rachel Tobac, who executes these social engineering attacks for a living and uses her real-life ethical hacking stories to keep organizations up to date on the methods criminals are using to trick people. She’ll break down recent cyber attacks in the news, and how to defend against the latest hacking methods, even when criminals are using AI. Her tales from the field and live hacking demonstrations throughout the presentation are sure to keep you and your team “politely paranoid” to catch the next human hacker in the act.

2024

Application Security (DevSecOps) - May 22, 2024

With the goal of expanding role-based cybersecurity education, Cybersecurity Days is presenting a virtual, three-hour Microsoft Teams webinar focused on application security.

Agenda

8:30am: Webinar opens to attendees

9:00 - 9:15am: Agenda overview

DevSec

9:15 - 10:00am: Code Confidence – Marc Archuleta

DevSecOps best practices
Application scanning
Automation in the pipeline
Static and dynamic vulnerability scanners
LIVE DEMO

10:00 - 10:15am: Questions and answers

10:15 - 10:30am: Break

SecOps

10:30 - 11:00am: Container Services – Jeff McDonald

Why containers?
Kubernetes
Zero trust networking
Continuous deployment
Never deal with passwords again
LIVE DEMO

11:00 - 11:30am: Choose your own adventure discussion

11:30am - 12:00pm: University-provided tools, services and documentation

This session will be interactive. We aim to introduce tools and services that you and your team can use to improve the security of your products. At the discretion of your manager or unit, this session could be used to comply with ISCR IT7.10.1-2.

2023