Cybersecurity Education¶
A secure cloud service provider will educate their employees on cybersecurity measures, testing them persistently to ensure their knowledge is satisfactory.
Reviewing Development and Engineering Training¶
KSI-CED-DET
Former ID: KSI-CED-03
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Persistently review the effectiveness of role-specific training given to development and engineering staff that covers best practices for delivering secure software.
Related SP 800-53 Controls: CP-3, IR-2, PS-6
Terms: Persistently
Reviewing General Training¶
KSI-CED-RGT
Former ID: KSI-CED-01
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Persistently review the effectiveness of training given to all employees on policies, procedures, and security-related topics.
Related SP 800-53 Controls: AT-2, AT-2.2, AT-2.3, AT-3.5, AT-4, IR-2.3
Terms: Persistently
Reviewing Response and Recovery Training¶
KSI-CED-RRT
Former ID: KSI-CED-04
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Persistently review the effectiveness of role-specific training given to staff involved with incident response or disaster recovery.
Terms: Incident, Persistently, Vulnerability Response
Reviewing Role-Specific Training¶
KSI-CED-RST
Former ID: KSI-CED-02
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Persistently review the effectiveness of role-specific training given to employees in high risk roles, including at least roles with privileged access.
Related SP 800-53 Controls: AT-2, AT-2.3, AT-3, SR-11.1
Terms: Persistently