The Security Services team provides State agencies with a common statewide strategy for secure, effective, and technically sound use of the State's information technology resources. The team is responsible for the establishment of Security Policies, Security Guidance, Security Awareness, and is a source of IT security information for State agencies.

Security Awareness Training​

Customer Responsibility



Each Agency is required to assign a Security Awareness Training manager for the agency.  The Agency Security Awareness Manager is required to maintain updated employee information to include employee additions, deletions and changes in employment status.

Eligible Customers

Enterprise State of MD Agencies Yes
Standalone (non-Enterprise) State of MD Agencies Yes
Counties (waiting to hear from procurement) No
Local Municipalities (waiting to hear from procurement) No
Public No

DoIT has an established Infosec contract from which country and local partners can purchase Infosec software, maintenance and support. Please visit the DoIT website under Procurement & Contracts for details.


Scope of Service


This section outlines the area of responsibility between the provider (DoIT) and the customer.

In Scope:

  • Agency Managers are required to maintain employee information to include additions, deletions and changes in employment.DOIT will manage and maintain the INFOSEC IQ platform as it relates to the State of Maryland.

Out of Scope:

  • Significant customizations that are not covered by the current contract.
  • Onsite training




The Maryland Department of Information Technology (DoIT) offers Security Awareness Training through Infosec Institute INFOSEC IQ. This training is specifically related to SB 553 (CH0467), State Government - Security Training - Protection of Security-Sensitive Data.

Features and Benefits

Training Content Library include but are not limited to:

  • Malware & Phishing
  • Social Engineering
  • Privacy & PII
  • Mobile Security
  • Password Security
  • Compliance
  • Physical Security & Hardware
  • Secure Applications Development
  • Web-Based Threats
  • Privacy & Data Protection
  • Personal Security
  • Advanced Cybersecurity & Risk Management
  • Network Security
  • GDRP
  • Cloud Security
  • Administrative Modules
  • Additional Training modules are available
  • Email Phishing Campaign

Department. Owner:

Security Services

Service Owner:

Derek Wheeler


(410) 697-9396 Office

Support Contact:

DoIT Service Desk


(410) 697-9700  


Currently offered

Service Level Agreements

Vendor Dependent
56,000 Licenses
Service Hours: Training is available 24 hrs a day
Maintenance Scheduled:
    Vendor Dependent
    Upgrades and Refreshes:
    Vendor Dependent

      Cyber Security-Security Awareness and Training - Service Agreement FY21


      Service Prerequisites


      Before service can be offered the client must meet the following requirements:

      DoIT Provided Services: None
      Technical: State of MD Agencies must provide CSV file for all employees required to participate in the INFOSEC IQ Security Awareness Training to DOIT Security Services
      Non-Technical: State of MD Agencies are required to submit a Security Awareness Training Plan identifying Agency assigned Security Awareness Managers to the DOIT Security Services


      ​Each State of MD Agency is required to submit a CSV File. The CSV File should include all employees and contractors information to include first name, last name, email address and Group/Agency before the INFOSEC IQ Security Awareness Training can be configured.

      User Guides

      Human Trafficking GET HELP

      National Human Trafficking Hotline - 24/7 Confidential

      1-888-373-7888 233733 More Information
      on human trafficking in Maryland

      Customer Service Promise

      The State of Maryland pledges to provide constituents, businesses, customers, and stakeholders with friendly and courteous, timely and responsive, accurate and consistent, accessible and convenient, and truthful and transparent services.

      Take Our Survey

      Help Stop Fraud in State Government

      The Maryland General Assembly’s Office of Legislative Audits operates a toll-free fraud hotline to receive allegations of fraud and/or abuse of State government resources. Information reported to the hotline in the past has helped to eliminate certain fraudulent activities and protect State resources.

      More Information