Skip to main content

Cybersecurity Training

Training Overview

Phishing campaigns and cyber-attacks are on the rise and Vanderbilt has seen a marked rise in these types of attacks.  These events have impacted the Vanderbilt community both personally and professionally.  Vanderbilt community members are our first line of defense to mitigate these types of attacks. We all need to be well-trained with the right set of cybersecurity knowledge to identify threats and protect the University and its assets.

Vanderbilt currently offers cybersecurity training to all of its employees to better protect Vanderbilt systems and data from those with malicious intent.  The cybersecurity training is delivered through Oracle Learn (Click here for Foundational Security Training for Vanderbilt Employees).

There is not just one step you can take to keep yourself secure.  Security is an entire program of multiple solutions that, when used together, keep you safer.

Training Access and Completion

All faculty, staff and students can access training resources online in Oracle Cloud through the Oracle Learning module.  Access a guide here.  View current Learning here.  

  • Staff are required to complete the training within 60 days of assignment or within 2 weeks for new hires.
  • Faculty, Post-Docs, Professional and Graduate students are strongly encouraged to take the training.
  • Click here to take the training.

You can view all of your completed trainings in Oracle Learning. Login to Oracle using your VUnetID. Under the Me tab, select Learning and View Transcript. Click here to go directly.  For a helpful guide on viewing your transcript in Oracle Learning, click here.

  • Contact VUIT Support by opening a ticket.
  • Reference the Additional Resources below for detailed information on a variety of cybersecurity topics.

Vanderbilt University Cybersecurity Additional Resources

Information such as a phishing definition, example emails and what do if you think you accidentally clicked a malicious link can be found here.

Information on meeting preparation, setting up equipment, securing your meeting and more can be found here.

Advice on remote work, equipment prerequisites and recommended applications can be found here.

Guidelines for on what to do before your trip, while traveling and after your return can be found here.

  • Yes, VUIT maintains and makes available a Virtual Private Network (VPN) service.  For more information on how to connect to the VPN click here.
  • If you need advice on when to use the VPN please contact VUIT Support by any of the methods listed on our website.
  • As a matter of best practice, every modern operating system has a solution to encrypt your device’s internal and external hard drives. Use solutions such as Bitlocker on Windows, FileVault on Mac, or LVM with encryption on Linux to encrypt your disks. If a thief comes into possession of your device, they will not be able to simply pull the hard drive out and access your data – as it is encrypted. 
  • If you have a VUIT managed computer, VUIT deploys and manages your encryption so that you don’t need to take any additional steps.  
  • If you would like help determining the best encryption method for your machine, please contact VUIT Support by any of the methods listed on our website.

Use of a personal device, also known as BYOD (Bring Your Own Device), is not prohibited, and VU currently does not have an approval or permission process for BYOD. However, whenever possible, institutionally owned and managed devices should be used when conducting university business. This is because VU does not have sufficient ability to effectively detect and respond to security incidents involving institutional data on personally owned devices. If BYOD is used, it must never be used to store sensitive institutional data. Additionally, the device owner must ensure that it meets minimum security requirements (e.g. ensure physical security, utilize access protection such as password or fingerprint, have an inactivity timeout, run an up-to-date operating system, etc.). If a personally owned device disrupts the functionality of the university network, it could be banned to prevent further disruption. 

Security related policies are under development to better inform the VU community and protect its assets. Our security policies are listed below:  


Topics Covered 


Appropriate Use of Technology Assets Policy

(Formerly Acceptable Use Policy, AUP

  • General use and ownership 
  • Unlawful and inappropriate use 

  • System/network misuse 

  • Email/communications 

  • Blogging/social media 

  • Privacy 

  • Intellectual Property (IP) 

  • Individual responsibilities 

  • BYOD (personal devices) 

Appropriate Use of Technology Assets

Information Security Policy 

  • Security governance and oversight 
  • Roles and responsibilities 

  • Training 

Information Security