Michael Menne IT Solutions Chief Information Security Officer National Cybersecurity Awareness Month Living in an Online World – Everyday Security Michael Menne IT Solutions Chief Information Security Officer
Why is Information Security Critical? New York Times 125 articles in 2013 700 articles in 2014 Verizon Data Breach Investigations Report (DBIR) 2015 70 Contributing Organizations 79,790 Security Incidents 2,122 Confirmed Data Breaches Forbes Ten-fold growth from 2012 to 2023 $60B to $639B 2013 2014 New York Times Articles 125 700+ Security Incidents 63,437 79,790 Data Breaches 1,367 2,122 Security Spending $60 billion (2012) $639 billion (2023) ITS Budget $5.0 Million (FY14) $4.8 Million (FY16)
What are the biggest risks to securing our data at Minnesota State? Awareness and Education Resources Human Capital Recurring costs versus one-time costs Old software and devices Mobile Devices Onerous legal requirements and processes Industry statistics $60B growth from 2012 to 2023 MSU isn’t growing at that pace. Our budgets are declining. 5.0B in 2013 to $4.8M in 2016
What are we doing right? Public Jobs, Private Data StarID Password Requirements System wide D2L Security Education Training Information Privacy and Security Policy Student Education Records Policy Review Directory Data Minnesota State System Office Policies, Procedures, Guidelines Budget Prioritization National Cybersecurity Awareness Month
National Cyber Security Awareness Month at MSU Everyday Security - Four Ps Passwords Phishing Patching Protect your Devices Cyber Security Guest Speaker Series Dr. Christophe Veltsos aka Dr. InfoSec – Oct. 3 Jeff Evenson – Oct. 12 Ryan Manship – Oct. 19 Craig Munson – Oct. 26 Dr. Christophe Veltsos aka Dr. InfoSec – Oct. 3 Faculty at Minnesota State Mankato Jeff Evenson – Oct. 12 Principal Security and Business Continuity Analyst at AgStar Ryan Manship – Oct. 19 Practice Director at RedTeam Security Craig Munson – Oct. 26 CISO – Minnesota State System Office
How can you help? Phishing
How can you help? Phishing Don’t be an easy target! Think before you click! Be suspicious! Dear e-mail user: Money transfer IMMEDIATE ACTION! Within 2 hours, 75% of opened phishing e-mails are clicked 92% compromised login/password
How can you help? Patching
How can you help? Patching Unpatched systems = Easy targets Keep software up to date Windows Update Apple Software Update 3rd party applications Keep mobile devices up to date Newer devices have monthly patches
How can you help? Protect your devices!
How can you help? Protect your devices! Use IT Solutions Center to reimage technology devices when purchased, moved, or transferred Use IT Solutions Center to recycle old technology Keep track of all devices at all times Especially mobile devices Use only apps from trusted app stores Google Play Apple App Store Microsoft Store
00711891 Purchased: August 1992 Sold: October 1999 Found: September 2016
00885648 Purchased: July 1996 Lost: August 2003 Found: September 2016
How can you help? Everyday Security All month long Promote National Cyber Security Awareness Month within each division / college Promote National Cyber Security Awareness Month with peers at other institutions All year long Partner with IT Solutions Information Security to improve our data practices and reduce risk to our data Watch for e-mails from IT Solutions Center Watch IT Solutions Information Security website https://www.mnsu.edu/its/security Join IT Solutions for a Data Privacy Day event in Jan. 2017
Questions