Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

Slides:

Advertisements

Similar presentations

WHO, WHAT, HOW Your Internal Audit Team …by your side. …at your service. …in your best interests.

Advertisements

Culture Change: What IT Takes to Create a Quality Customer Service Environment Presented By: Anne Agee, Executive Director, Division of Instructional and.

Project Management Methodology for IT How much is too much? It depends! Copyright John Barden, David Allen, Doug Ryan This work is the intellectual.

A Successful Help Desk Process for all IT Support

Copyright Kathy J. Lang and Ed Mahon, This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Technology Across the Curriculum Programs Keys to Success Beth Secrist, TAC Coordinator Copyright Beth Secrist, This work is the intellectual property.

Copyright Policy Copyright Cathy O’Bryan This work is the intellectual property of the author. Permission is granted for this material to be shared.

Southeast Regional Educause Conference, June 6, 2005 The Learning, Teaching and Innovative Technologies Center (LT&ITC): A Partnership to Support Faculty.

While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Crisis Communications for Security Issues: A Nightmare You Can Manage Marilu Goodyear Donna Liss Allison Rose Lopez Jenny Mehmedovic The University of.

EDUCAUSE 2001 TLT meets DE: Merging Planning and Support for Distance Education and Instructional Technology Thomas K. Miller III Vice Provost for Distance.

Copyright Ellen C. Ramsey and Ryan P. Looney This work is the intellectual property of the author. Permission is granted for this material to be.

Supporting and Hosting Web- Based Learning Systems Educause 2001 Charlene Douglas – Director Kathryn Gomm - Training Manager Sharon McCarrager – Accessibility.

Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.

Making the Case for Security: An Application of the NIST Security Assessment Framework to GW January 17, 2003 David Swartz Chief Information Officer Guy.

Yale University Information Technology Services Administrative Systems Art Hunt 3/22/04 Software Service Level Agreement with Finance, Procurement and.

Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Educause Security 2007ISC Information Security Copyright Joshua Beeman, This work is the intellectual property of the author. Permission is granted.

Serving the Research Mission: An Approach to Central IT’s Role Matthew Stock University at Buffalo.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Implementing Administrative Systems? You need an Evolution, not a Revolution! UNIVERSITY OF WASHINGTON Copyright [your name] [year]. This work is the intellectual.

UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, This work is the intellectual property of the author.

Pam Downs Ajay Gupta The Pennsylvania Prince George’s State University Community College "Copyright Penn State University This work is the intellectual.

Steve Neiheisel Industry Consultant Creating a Technology Forum for the Whole Campus Presented by Executive Services of Jenzabar (c) Copyright 2006 Jenzabar,

Chatham College Community and Computers Pervasive Computing at a Liberal Arts College Charlotte E. Lott, Ph. D. Lynda Barner West, Ed. D. Copyright Charlotte.

1 I2 Security Professionals Workshop - May, 2004 Partnering for Success in the Security Discussion at Northeastern Gaining Traction through Influence Glenn.

1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.

NLII Mapping the Learning Space New Orleans, LA Colleen Carmean NLII Fellow Information Technology Director, ASU West Editor, MERLOT Faculty Development.

Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Copyright Marilyn Drury, Darrell Fremont, Doreen Hayek, This work is the intellectual property of the authors. Permission is granted for this material.

Security Awareness: Taking the Medicine and Liking It Shirley C. Payne Director for Security Coordination University of Virginia EDUCAUSE Conference October.

1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Copyright - L. Thanasides, 2002 Using the Right FACTS Can Be Informative: Florida’s Statewide Student Information System Linda Thanasides Marsha Stickel.

Center for Instructional Technology James Madison University Strategies for Transitioning to the Age of Digital Media Sarah E. Cheverton James Madison.

1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,

Classroom Technologies Re-organization Copyright Kathy Bohnstedt, This work is the intellectual property of the author. Permission is granted for.

Lynette Olson, Assessment & Effectiveness Director & Gary Langer, Associate Vice Chancellor, Office of the Chancellor, Minnesota State Colleges and Universities.

Please Note: Copyright –David L. Snellman This work is the intellectual property of the author. Permission is granted for this material to be shared.

Copyright Jack Chambers, This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

ASK ME The ASK ME Program Putting Support at the Center: A New Model for Help Desk Staffing Presented By: Ann Genovese and Kathy Gillette George Mason.

Your Internal Audit Team …by your side …at your service …in your best interests.

Managing Intellectual Property for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the University System.

Building the Integrated Learning Center Having the right people at the table Chris Johnson, Senior Consultant for Learning Technologies University of Arizona.

Value & Excitement University Technology Services Oakland University Information Technology Strategic Planning Theresa Rowe October 2004 Copyright Theresa.

March 21, 2006 NERCOMP 2006 Worcester, Massachusetts 1 Copyright Sunny Donenfeld, This work is the intellectual property of the author. Permission.

Copyright Copyright University of Washington This work is the intellectual property of the author. Permission is granted for this material to be.

Collaborative Co-Design: An Evidence-Based User-Centric Approach for Assessment and Advancement of Organizational Learning. Mary M. Somerville, MA, MLS,

A Tale of Two Collaborators: Successful Collaboration Between IT and Library Services Pat Kohrman, Deena Morganti, John Shank Copyright Pat Kohrman, Deena.

Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.

NLII05 Annual Meeting Professional Development of Faculty and Instructional Technology Staff through Communities of Practice University of Memphis: Technology.

Copyright [Dr. Michael Hoadley, Chat Chatterji, and John Henderson ] [2004]. This work is the intellectual property of the authors. Permission is granted.

A Strategy for Moving from Commercial to an Open Source Environment Jeshua Pacifici, GEDI Assistant Director and Learning Systems Consultant.

1 Effective Incident Response Presented by Greg Hedrick, Manager of Security Services Copyright Purdue University This work is the intellectual property.

Quickly Establishing A Workable IT Security Program EDUCAUSE Mid-Atlantic Regional Conference January 10-12, 2006 Copyright Robert E. Neale This.

Resources for Meeting Internet Safety Requirements Cheryl Elliott James Madison University Bill Johnsen Virginia Beach City Public Schools Educational.

Chief Information Officer Effectiveness in Higher Education Wayne Brown, Ph.D. Copyright Wayne Brown This work is the intellectual property of the.

Copyright Michael White and Sylvia Maxwell, This work is the intellectual property of the author. Permission is granted for this material to be shared.

© Scottsdale Community College Leveraging the Power of E-Learning Taking your course to a higher level Presented by Sidne Tate Director, Instructional.

Breaking Down Barriers & Building Bridges Improves Customer Satisfaction & Efficiency Wendy Woodward | March 15, 2011 Copyright Wendy Woodward 2011.

Information Security and Internal Audit

Collaborative Facilities for Partnerships

Julian Hooker Assistant Managing Director Educause Southwest

Decentralization in a Centralized IT Environment

Redesigning College Teaching at Sacramento State University

Project for OnLine Instructional Support (POLIS)

myIS.neu.edu – presentation screen shots accompany:

EDUCAUSE Networking 2002 Washington, D.C. April 17, 2002

Presentation transcript:

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason UniversityUniversity of Virginia Copyright Cathy Hubbs and Shirley Payme This work is the intellectual property of the authosr. Permission is granted for this material to be shared for non- commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

IT Security Office Landscape 20 percent of the U.S. institutions surveyed have a full-time chief IT security officer At 22 percent of the institutions, IT security is the responsibility of a single individual 95 percent of the IT security officers report to a senior administrator in the IT office, including 50 percent who report to the CIO Coordinator Model

Responsibilities of Security Officers Policy Development Compliance Awareness Education & Technical Training Risk Assessment & Business Continuity Strategic Planning Incident Detection & Response Technical Communications (Alerts) Security Champion

These Responsibilities Require Many Roles To Be Filled Policy Writer Champion Teacher Strategic Planner Watch Dog Technical Expert Communications Expert Lawyer Enforcer Sage Etc., etc., etc.

Etc.! Lawyer Enforcer Sage Communications Expert Technical Expert Strategic Planner Watch Dog Champion Teacher Policy Writer

Executive Staff Executive Level Champions Tom Hennessey, Chief of Staff, George Mason University

Faculty, Staff, & Student Leaders Chief of Human Resources Dean of Students Dorm Resident Advisors Student Honor Committee

Central IT- Computer Group Network Engineers System Engineers Desktop Support Technicians Support Center (help desk) Instructional Designers

Systems Administrators Contribute to development of guidelines and policies Assist in defining security awareness and education priorities Act as security champions in their departments Disseminate security alerts within their departments

Security Officers Communities of Practices Multiple Perspectives Reuse (no need to reinvent) EDUCAUSE VA SCAN

Researchers & Educators Partners in grant opportunities Participate in awareness events Share news of research frontiers in security

Advisory Committees Established committees and ad hoc focus groups Review new guidelines, standards, policies Assist in defining awareness & education priorities

Internal Auditors Define Risk Assessment priorities And more…

Barbara Deily, U.Va. Audit Director Fraud Investigation: Investigations coordinated Expertise shared Audit reporting channels leveraged Policy Implementation: Policy acceptance improved Audit enforcement “Big Stick” available Software Development and New Technology: Internal controls built in Assurance added Much Easier To Move Forward Together On Security Vision

Legal Office Interpret regulations HIPAA Gramm-Leach Bliley-Act (GLBA) FERPA Advise on new policies Counsel on incident handling Notify of new or pending legislation

Police Department Knowledge sharing Assist during investigations of security breaches and responsible use issues like cyberstalking IT security awareness initiatives combined with general security & safety

Public Relations Experts Design professional literature Communicate alerts, events and other information Produce creative marketing tools that deliver the security message in unique and innovative ways, e.g. the U.Va. video

Etc.! Lawyer Enforcer Sage Communications Expert Technical Expert Strategic Planner Watch Dog Champio n Teacher Policy Writer Remember This Unhappy Juggler of Roles?

Partnerships Make All The Difference! Provide greater flexibility Ease access to others' competencies Share labor Share knowledge capital

Etc.! Legal Office Auditors/ Police Researchers & Educators Public Relations Central IT Other Security Officers System Administrators HR/ Dean of Students Advisory Committees Enhanced Security Program You Get Your Sanity Back! Executives

Making Partnerships Work

Choose Partners Carefully Should have common goals Should be recognized benefits on both sides Should be based upon mutual trust

Manage the Partnership Set realistic expectations Communicate well Resolve issues quickly Periodically review partnership health Recognize their contributions

Questions?