Richard J Self - University of Derby 1 Governance Strategies for the Cloud, Big Data and other Technologies in Education Richard J Self BA LLM MBCS FHEA.

Slides:

Advertisements

Similar presentations

The Conceptual Framework of mLearning Security for University in Thailand Sarawut Ramjan Department of e-Commerce Management North-Chiang Mai university.

Advertisements

A centre of expertise in digital information managementwww.ukoln.ac.uk Approaches To E-Learning: Developing An E-Learning Strategy Brian Kelly UKOLN University.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Educational Outcomes: The Role of Competencies and The Importance of Assessment.

Security Controls – What Works

Information Security Policies and Standards

Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Geneva, Switzerland, 14 November 2014 Data Protection for Public Cloud (International Standard ISO 27018) Stéphane Guilloteau Engineer Expert, Orange Labs.

First Practice - Information Security Management System Implementation and ISO Certification.

SOX & ISO Protect your data and be ready to be audited!!!

Cloud Usability Framework

Towards EU big data economy Kimmo Rossi European Commission

National Smartcard Project Work Package 8 – Security Issues Report.

1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Cyber Basics and Big Data. 2 Semantic Extraction Sentiment Analysis Entity Extraction Link Analysis Temporal Analysis Geospatial Analysis Time Event Matrices.

Evolving IT Framework Standards (Compliance and IT)

Overview Of Information Security Management By BM RAO Senior Technical Director National Informatics Centre Ministry of Communications and Information.

Information Systems Security Risk Management. © G. Dhillon All Rights Reserved Alignment Glenmeade Vision To provide a personalized experience to our.

Chapter 3 The Internet micro-environment

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Enterprise Privacy Architectures Leveraging Encryption to Keep Data Private Karim Toubba VP of Product Management Ingrian Networks.

Frankfurt (Germany), 6-9 June 2011 IT COMPLIANCE IN SMART GRIDS Martin Schaefer – Sweden – Session 6 – 0210.

Chapter Three IT Risks and Controls.

Risk Assessment. InfoSec and Legal Aspects Risk assessment Laws governing InfoSec Privacy.

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

Federated or Not: Secure Identity Management Janemarie Duh Identity Management Systems Architect Chair, Security Working Group ITS, Lafayette College.

Security Standards and Threat Evaluation. Main Topic of Discussion  Methodologies  Standards  Frameworks  Measuring threats –Threat evaluation –Certification.

Databases and progression. Learning objectives Distinguish between branching tree (binary), flat file, relational and spreadsheet databases Begin to explore.

Internet Banking Key Issues Internet Banking Working Group May 14, 1998.

IT Governance: COBIT, ISO17799 & ITIL. Introduction COBIT ITIL ISO17799Others.

Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No ) Business Convergence WS#2 Smart Grid Technologies.

1 Chapter Nine Conducting the IT Audit Lecture Outline Audit Standards IT Audit Life Cycle Four Main Types of IT Audits Using COBIT to Perform an Audit.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Classification of information No. 6 The purpose of categorising records is to distinguish their place and value in the business and is based on the following.

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

On Requirements for Mobile Commerce By Aj.Pongthep Termsnguanwong.

DIGITAL SIGNATURE.

Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.

International Security Management Standards. BS ISO/IEC 17799:2005 BS ISO/IEC 27001:2005 First edition – ISO/IEC 17799:2000 Second edition ISO/IEC 17799:2005.

Bring Your Own Technology Janet Sanders Harris County High School Media Center.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

ICT CAPABILITY APPLYING SOCIAL AND ETHICAL PROTOCOLS AND PRACTICES WHEN USING ICT Typically by the end of Prep, students Typically by the end of Year 2,

IS3220 Information Technology Infrastructure Security

Your Cyber Security: The scope of your risk is broad and growing To understand the nature of the risk landscape look at the presentations here today-begin.

Information Security tools for records managers Frank Rankin.

Society for Maintenance and Reliability Professionals (SMRP)

An Information Security Management System

Cloud Security for eHealth – Study Validation

Risk management.

BUSINESS CONTINUITY BY HUI ZHENG.

Current ‘Hot Topics’ in Information Security Governance Auditing

THE POTENTIAL FOR BIG DATA AND OCCURRENCE REPORTING FOR BETTER SAFETY MANAGEMENT Jen ABLITT, Head of Safety Strategy and Performance Sector.

Content Management lifecycle

Joint Africa – EU Strategy Tuning Seminars

Data Warehousing Data Mining Privacy

Spatial Information and Urban Analytics for Smart City Policy.

Ethical Implications of using Big Data for Official Statistics

Quality Framework Overview

Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham

Presentation transcript:

Richard J Self - University of Derby 1 Governance Strategies for the Cloud, Big Data and other Technologies in Education Richard J Self BA LLM MBCS FHEA Senior Lecturer in Analytics and Governance University of Derby

Context Emerging Technologies in Education Critical Governance Issues Data Protection Regulations Risks to Human Current Frameworks ISO 27K, COBIT, etc….. Additional factors 12Vs of Big Data Technologies in Education Key Governance Questions 2Richard J Self - University of Derby

Gartner Hype Curve Richard J Self - University of Derby

Gartner Hype Curve Richard J Self - University of Derby 7de80268

Emerging Technologies in Education Examples Evaluated 3D Printing Google Glass Social Networks Data Analytics (Learning and Academic) Biometrics Based on Student research and publications 5Richard J Self - University of Derby

Governance “Doing the right thing in the right way at the right time with the right resources to the right quality in the right place for the right reasons” (Self, Self and Chang, 2012) 6Richard J Self - University of Derby

Governance Frameworks ISO 27k ISO27001 – ISMS Certifiable process ISO Code of practice for information security controls Critical questions Completeness? Generic Big Data Issues – extra needed? 7Richard J Self - University of Derby

ISO Key Controls 1. Information security policies 2. Organization of information security 3. Human resource security 4. Asset management 5. Access control 6. Cryptography 7. Physical and environmental security 8. Operations security 9. Communications security 10. System acquisition, development and maintenance 11. Supplier relationships 12. Information security incident management 13. Information security aspects of business continuity 8Richard J Self - University of Derby

12 Vs of Big Data 3Vs Volume (size) Velocity (speed) Variety (sources/format) 9Vs Governance Variability (temporal?) Value (to whom?) Veracity (truth) Validity (applicable) Volatility (temporal) Verbosity (text) Vulnerability (security) Verification (trust?) Visualisation (presentation) 9Richard J Self - University of Derby

Volume (S, G) How much? Who? How? Storage Dangers Technology? 10 MountainsOceans (Teahupo’o) Brian Bielmann Wikimedia

Velocity (S, G) Infrastructure Need for immediacy? Time to analyse How fast? 11 TwitterWikimedia

Variety (T, S, G) What? Connections? Similarity? Original purpose? Data Structures Ownership 12 ges.wordpress.com/ cell-phones/ Twitter Fruit salad?Choices

Variability (T, S, G) Consistency In-consistency Periodicity Data Analyses Predictions 13 Frankfurt weather forecastseasons Wikimedia

Value (G) Define Value! Monetary? Understanding? Whose value? Functionality? Convenience? Questions Answers? 14 ApplicationsGold crystals Wikimedia

Veracity (T, S, G) Truthful when? Identifying the dross? Data Algorithms Data cleansing 15 YouGov Wikimedia We know we errFinding the Truth

Validity (E, T, S, G) Context? Where? When? Correlation or Causation? Data Algorithms / Models Prediction 16 UK Penny Black Wikimedia Logical Deduction / Induction Johnson, 2008

Volatility (T, E, S, G) How quick? Value left? Data Predictions Sources of expertise 17 Snapchat Wikimedia Salt Pans in France

Verbosity (T, G) Context Meaning / semantics Grammar Syntax Redundant Knowledge 18

Vulnerability (T, E, S, G ) Legal (e.g. DPA and Right to be Forgotten) Reputation Financial Data Policies Processes Access Who and what skills? 19 OWASP: relationship between threat agent and business impact Wikimedia

Verification (T, E, S, G) How? Reliability? Context? Data Algorithms and models 20 1 st Japanese Passport 1866Digital Signature process Wikimedia

Visualisation (T, E, G) Manipulation 2D / 3D Video Who chooses? Guidelines and standards? 21 As presented by the UK Treasury As corrected by Sir Andrew Dilnot Log scale Breached Official Guidelines

Case Studies Contributing Student Authors See Paper for references Richard J Self - University of Derby 22

3D Printing A. G. Aladawi, G. Allen, A. Bensbiet, D. Silva Caires Richard J Self - University of Derby 23

3D Printing Critical Risks Breach of IPR Printing dangerous / illegal items Solvents Vulnerability and Verification Critical Controls Access controls and logs Teaching ethics and civil / legal responsibilities 24Richard J Self - University of Derby

Google Glasses F. Kalra, L. Mawhinney Richard J Self - University of Derby 25

Google Glass ( use by academics) Critical Risks Privacy and Consent Communication with Smart Device Google Cloud (DPA 1998) Personal Safety Vulnerability and Verification Critical Controls Acceptable Use policy (informed consent required) Cloud storage policies 26Richard J Self - University of Derby

Social Networks M. Al Yousif, A. Clark, A. Nagra, P. O’sullivan K. Samarah Richard J Self - University of Derby 27

Social Networks Context Group work and staff / student channel Critical Risks IPR, cyber-bullying, invasion of privacy and sharing information Vulnerabilities and Veracity Critical Controls Private walled-garden Strict moderation 28Richard J Self - University of Derby

Data Analytics (Learning and Academic) A. Clark Richard J Self - University of Derby 29

Data Analytics (Learning and Academic) Context Sentiment analysis Predictive analysis (achievement) Critical Risks Use of social media, irony, semantics? Data Protection Veracity, Volatility, Vulnerability and Verbosity Critical Controls DPA compliance Verification of sentiment analytics algorithms 30Richard J Self - University of Derby

Biometrics M. Haroon, G. Ali Raza, Richard J Self - University of Derby 31

Biometrics Context Personal Authentication Critical Risks False Positive / Negative rates Enrolment DPA and security Veracity, volatility, vulnerability, velocity Critical Controls DPA compliance policies 32Richard J Self - University of Derby

Conclusions The 12Vs of Big Data Add value to ISO based Governance Can identify critical issues in applying emerging technologies in HE Can help develop understanding of suitable controls 33Richard J Self - University of Derby