HEISC Town Hall Webinar: 2012-2013 Strategic Plan Host: Larry Conrad CIO, UNC-Chapel Hill & HEISC Co-Chair.

Presentation transcript:

HEISC Town Hall Webinar: Strategic Plan Host: Larry Conrad CIO, UNC-Chapel Hill & HEISC Co-Chair

Today’s Agenda
- Information security changes in the past 10 years
- Ongoing challenges for security practitioners
- HEISC strategic plan ( )
  - Vision
  - Mission
  - Goals & objectives
- HEISC working group updates
- What can you do?

Information Security Changes in the Past 10 Years
- Threats: More serious – e.g., nation states, organized crime
- Vulnerabilities: New technologies (e.g., social media, cloud, mobility) introduce new vulnerabilities
- Impact: Confidentiality, Integrity, Availability (CIA) recognized as mission critical

On the Plus Side
- Increased awareness
- Greater investments, including security staff
- Staff professional development and training
- Improved organization across higher ed
- Better tools
- More policies and standards
- More strategic, proactive outlook
- More “effective practices” are available

Ongoing Challenges for Security Practitioners
- Executive awareness and support
- Technology changes: Mobility, outsourcing, cloud, IPv6
- Benchmarks and metrics
- Organizational dynamics: Centralized, distributed, and affiliated centers
- Funding for IT security
- Staff resources and training

Ongoing Challenges (Cont’d)
- Data standards, governance, and risk management
- Data protection tools
- Student and employee awareness
- Academic continuity and disaster recovery
- Legislation and compliance
- Research data and process
- International collaboration
- Vendor relationships

HEISC Vision
- Guide academic institutions in their quest to safeguard data, information systems, and networks
- Protect the privacy of the higher education community
- Ensure that information security is an integral part of campus activities and business processes

HEISC Mission
- Improve information security, data protection, and privacy programs across the higher education sector
- Develop and promote leadership; awareness and understanding; effective practices and policies; and solutions for the protection of critical data, IT assets, and infrastructures
- Accomplish activities through working groups of volunteers and staff
- Coordinate and collaborate with government, industry, and other academic organizations

HEISC Goals
1. Establish the Information Security Guide as the premier resource for security professionals.
2. Improve security-related interorganizational collaboration with higher education stakeholders.
3. Inform and educate campus leaders on information security issues by leveraging enterprise risk management (ERM) processes.
4. Help institutions leverage their investments with regard to all IT products and services.
5. Increase the effectiveness of communication efforts.

Objectives for Goal #1: Establish the Information Security Guide as the premier resource for security professionals
- Toolkits, primers, and templates
- Information security maturity model
- Security requirements
- Security practices in research environments
- CISO duties and reporting line
- Identity management (IdM) practices

Objectives for Goal #2: Improve security-related collaboration with higher education stakeholders
- EDUCAUSE, Internet2, and the REN-ISAC
- Core Data Service and EDUCAUSE Data, Research, and Analytics staff
- Other higher education associations, industry groups, and government
- Higher education information security professionals

Objectives for Goal #3: Inform & educate campus leaders on information security issues by leveraging ERM processes
- ERM summit
- Messaging, talking points, and presentation template
- Other higher ed association meetings and conferences (e.g., URMIA, NACUBO, AAU)

Objectives for Goal #4: Help institutions leverage their investments with regard to all IT products and services
- Vendor community outreach
- Resources for IT products and services
- Information sharing

Objectives for Goal #5: Increase the effectiveness of communication efforts
- Higher ed security professionals, CIOs, IT leaders
- Wealth of resources in the Information Security Guide
- Issues and successes in the .edu domain
- HEISC volunteer opportunities

Q&A HEISC Goals and Objectives

HEISC Working Groups
- Awareness & Training (A&T)
- Governance, Risk, & Compliance (GRC)
- Technologies, Operations, & Practices (TOP)
- Information Security Guide Editorial Board
- Security Professionals Conference Program Committee
- Research and Education Networking Information Sharing and Analysis Center (REN-ISAC)

Awareness & Training (A&T)
Co-Chairs: Nicole Kegler & Ben Woelk
- Student Poster & Video Contest
- National Cyber Security Awareness Month in October
- Executive Awareness Communications
- Partnering with the IT Communications Group New!
- Data Privacy Month in January New!
- Security Awareness Metrics
- Outreach and Marketing

Governance, Risk, & Compliance (GRC)
Co-Chairs: Doug Markiewicz & David Escalante
- Recent publications: Two-Factor Authentication, Data Incident Notification Toolkit,
- Shared Assessments Project Team
- Sensitive Data Exposure Incident Checklist New!
- GRC Systems FAQ New!
- Information Security Maturity Model New!
- Essential Security Metrics New!
- Top Info Security Concerns for Researchers New!

Technologies, Operations, & Practices (TOP)
Co-Chairs: Jim Taylor & Marcos Vieyra
- Recent publications: Mobile Internet Device Security Guidelines, Dropbox Security & Privacy Considerations, Full Disk Encryption Guide
- Identify emerging technologies and their security implications New!
- With the REN-ISAC, develop partnerships with vendors to improve information sharing
- Facilitate state or local ISO gatherings New!

Information Security Guide Editorial Board
Co-Chairs: Ced Bennett & Mary Dunker
- Fresh look and feel New!
- Emphasizing practical application of the Security Guide via conference presentations New!
- Growing the content (nearly doubled in 2011)
- Extending the Guide's exposure and reach (even beyond EDU) New!

Security Professionals Conference 2012
Program Chair: Jodi Ito & Vice Chair: Paul Howell
- May 15-17, 2012 in Indianapolis, IN
- 10th annual conference
- Focused on information security in higher ed
- Premier forum for networking with security professionals
- Theme: Security Everywhere: Exploring the Expanding World of Security

REN-ISAC
Technical Director: Doug Pearson
- Membership growth
- Growth in relationships
- Involvement in strategic industry groups
- Implementation of Security Event System
- Community Security
- Partnership with SANS
- Engagement in international standards work
- Handling of 0-day vulnerability communications
- Increase in number of notifications
- Additional staff
- Contact:

Q&A HEISC Working Groups

What Can You Do?
- Join the Security Discussion Group:
- Volunteer:
- Find resources:
- Attend Security 2012:
- Follow us:
- Contacts:
  - Valerie Vogel
  - Rodney Petersen

Look for These Hot Topics in 2012…
- Metrics & Benchmarking
- Cloud Computing & Services
- Consumerization & Mobility
- Enterprise Risk Management
- IPv6
- Privacy
- Federated IdM
- Addressing the decentralized university from a security perspective

Thank you for participating! If you’d like to get in touch with our speakers, please send an to