We provide a variety of cybersecurity awareness training, information, and resources to everyone using IT resources at UVA to help them protect both their, and UVA's, digital resources. Prime among the various resources is our security awareness training.
Information Security Awareness Training (ISAT) and High Security Awareness Training (HSAT)
All users should complete information security awareness training each year (annually). If you are an employee of UVA (e.g., faculty, staff, contractors, or student employee), you can take the Information Security Awareness Training (ISAT) at any time if you wish. For further details, please visit our ISAT webpage.
If you have, or want to have, access to the High Security VPN (HSVPN) then you must complete the High Security Awareness Training (HSAT) each calendar year (annually). Completing the Student CyberSecurity Awareness Training or the Information Security Awareness Training (ISAT) will not satisfy the requirement for HSVPN access. For further details, please visit our HSAT webpage.
Student CyberSecurity Awareness Training (SCSAT)
All UVA student users must complete the Student CyberSecurity Awareness Training (SCSAT) course as part of their matriculation (onboarding) to UVA. For further details, please visit our ISAT webpage.
If you have any questions or concerns, please email us at [email protected].
Education & Training Options
We can train your department on security best practices and current topics. Please go to the ITS Service Catalog to request Information Security Training. The established sessions offered include:
Phishing — How to identify phishing messages in a short, interactive presentation (~ 15-20 minutes)
Monthly webinars — Various speakers and topics related to keeping your and UVA's data and accounts secure.
Security Best Practices — How to protect your data and identity while using the Internet, messaging, or social media; includes phishing identification (~ 30-45 minutes)
Security While Traveling — How to protect your data and identity while traveling, whether domestic or international; includes phishing identification (~ 30 minutes)
If you need other types of security education and training, let us know by selecting the Other option on the Security Training item in the ITS Service Catalog and providing more details as to what you need.
Phishing Simulation — This is a custom phishing email for your unit that is non-punitive. The recipients receive a custom-designed messages that looks similar to areal phishing message. The goal is to promote awareness about the dangers of phishing. Click here to request a customized phishing simulation that meets your needs/business requirements. We will work with you to develop the simulation and provide the results.