11 May 2026 – IT-Security & Awareness Cybersecurity in a nutshell: Online training for employees
Three new digital awareness training courses offer employees a concise introduction to key IT security topics during the summer semester: password security and MFA, spam and phishing, and security while working from home. These online training courses help employees recognize and avoid common IT risks in their day-to-day work at the university. The training courses are part of the program to increase IT resilience and complement technical protective measures by promoting awareness of digital threats and strengthening security competence in the workplace.
25 Minutes for Greater Digital Security
IT security is a shared responsibility that affects everyone:
Many attacks target not only technical vulnerabilities but also user behavior. Weak passwords, deceptively authentic phishing emails, or unprotected access points in mobile work environments can quickly become gateways for cybercriminals.
Speaker Jochen Kurz works on the core team of the state federation bwInfoSec and is familiar with both typical attack scenarios and the needs and challenges at Heidelberg University. In 25-minute sessions, he provides practical guidance on how to identify and reduce risks—in a way that is understandable, relevant to everyday life, and immediately applicable.
Dates & Topics
- Thursday, May 21, 2026: Password Security & MFA
- Wednesday, June 3, 2026: Spam and Phishing
- Wednesday, July 1, 2026: Security in the Home Office & on the Go
Presenter: Jochen Kurz, Core Team bwInfosec, Reutlingen University Service Center.
Start / Duration: Each session begins at 2:00 p.m.; duration approximately 25 minutes.
Participation: All events take place online (heiCONF), are aimed at employees, and are free of charge. Registration is not required.
Cybersecurity in a Nutshell: heiCONF Information Security Room
In addition to IT security awareness training, bwInfoSec offers further services for colleges and universities in the state in the areas of information security management, vulnerability management, emergency management, and much more.
- Password Security & MFA: All employees are responsible for choosing a strong password. In addition, multi-factor authentication (MFA) should be set up whenever possible. Even if an attacker obtains your password, they cannot log in without the second factor.
How do you generate a strong, secure password? What are our password policies? How exactly do you set up MFA?
- Spam & Phishing: Phishing is a commonly used method for stealing login credentials. Phishing attacks now also target specific individuals and often include personal details to build trust. How do you recognize the most common scams? What is the best way to handle such attempts at deception? Where and how can you report phishing attacks?
- Security in the home office and on the go: Flexible working opens up new vulnerabilities for cybercriminals, e.g., through unprotected Wi-Fi networks. What specific steps can you take to secure the network in your home office? How can you ensure a secure workspace at home and on the go?
Three reasons why your participation is important:
- Protect your data: Gain fundamental knowledge about IT security and learn specific steps you can take.
- Training is necessary because cyberattacks are becoming more frequent, more sophisticated, and more complex. After the attack is before the attack.
- Anyone who recognizes typical patterns and responds appropriately can prevent security incidents or limit their impact.