Security Professionals Conference May 2008. REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within.

Slides:

Advertisements

Similar presentations

Philippine Cybercrime Efforts

Advertisements

Quality Assurance Review Team Oral Exit Report District Accreditation Forsyth County Schools February 15, 2012.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10,

Jason Ming Sun ICT Academic Systems University of South Africa Government CIO Summit Towards reducing costs of doing business in government.

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Doug Pearson Director, REN-ISAC

KanREN: 2001 and beyond Doug Heacock Executive Director Kansas Research and Education Network.

EETAP UPDATE Presented By Dr. Augusto Medina University of Wisconsin-Stevens Point Welcome.

ABCs of CJJ Membership Exploring the Options, Benefits, and Future of CJJ Membership.

COMMUNITY RESOURCE MAPPING Train the Trainer MAST - NH December 15, 2006 Facilitated by: Kelli Crane.

© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.

Abilene Transit Security Policy Joint Techs Summer ’05 Vancouver, BC, CA Steve Cotter Director, Network Services Steve Cotter Director,

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

REN-ISAC Update Doug Pearson, REN-ISAC Technical Director DICE 12 February 2008 Athens, Greece 1.

1 REN-ISAC Research and Education Networking Information Sharing and Analysis Center Internet2 Member’s Meeting Chicago 5 December 2006.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess February 3, 2004.

Higher Education-Industry Collaborations to Improve Security Joy Hughes, George Mason University Peter Siegel, University of California, Davis Jack Suess,

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Information Assurance and Higher Education Clifton Poole National Defense University Carl Landwehr National Science Foundation Tiffany Olson Jones Symantec.

Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.

BCNET Security Policies Jens Haeusser Information Security Officer, UBC and Chair, Security Working Group, BCNET Internet2 Joint Techs Vancouver, BC July.

Part of a Broader Strategy

Be Part of Something BIG Volunteer Opportunities American Society of Safety Engineers.

Indianapolis Discovery Network for Dementia Malaz Boustani, MD, MPH Decision Making Process & Governing in IDND.

US-CERT National Cyber Security Division/ U.S. Computer Emergency Readiness Team (US-CERT) Overview Lawrence Hale Deputy Director, US-CERT.

1 The Early Childhood Family Engagement Framework: Maryland’s Vision for Engaging Families with Young Children Jeffrey Capizzano President Maryland State.

2 Overview With active participation from individuals and chapters all over the world, the Information Systems Security Association (ISSA)

Security: New Trends, New Issues Internet2 Fall Member Meeting 2004 Doug Pearson Indiana University Research and Education Networking ISAC

INTERNET2 COLLABORATIVE INNOVATION PROGRAM DEVELOPMENT Florence D. Hudson Senior Vice President and Chief Innovation.

INDIANAUNIVERSITYINDIANAUNIVERSITY TransPAC2 Security John Hicks TransPAC2 Indiana University 22nd APAN Conference – Singapore 20-July-2006.

District XXXX Presidents-elect Training Seminar 1 Session 8: Goal Setting.

Clean, Green, and on the Same Team! How Economic and Workforce Development are Partnering to Serve an Emerging Regional Industry.

Shared Darknet Project Internet2 Spring 2006 Member Meeting Doug Pearson Technical Director, REN-ISAC.

Salsa Bits: A few things that the analysts aren't talking about... December 2006.

APNIC Update Paul Wilson Director General Operational Plan Key Outcomes Delivering Value Supporting Internet Development Collaborating and Communicating.

RESIDENT PROJECTS ROBERT LEONHARD QUALITY IMPROVEMENT MANAGER.

Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.

Oncology Nursing Society Forming a new CHIP at the local level.

2009 Institute for Staff Development Students Today, Leaders Tomorrow Newcomer Orientation Steve Casa Senior Director, Network Advocacy Bill Taylor Senior.

INDIANAUNIVERSITYINDIANAUNIVERSITY 23rd APAN Meeting Manila, Philippines January REN-ISAC and Peakflow SP John Hicks Indiana University TransPAC2.

Research and Education Networking Information Sharing and Analysis Center REN-ISAC John Hicks TransPAC2/Indiana University

Quality Assurance Review Team Oral Exit Report District Accreditation Bibb County Schools February 5-8, 2012.

Security Topics Update Christopher Misra Mark Poepping April 2007.

EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004.

The Next Stage for Results in Africa. Context 2005 Paris Declaration on Aid Effectiveness 2006 Mutual Learning Events Uganda & Burkina Faso 2007 Hanoi.

NSF Cybersecuity Summit May REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher.

Interagency Collaboration: Transition’s Reality Show Sharon deFur Jeanne Repetto coe.ufl.edu.

Research and Education Networking Information Sharing and Analysis Center REN-ISAC Doug Pearson Director, REN-ISAC Copyright.

Systems Accreditation Berkeley County School District School Facilitator Training October 7, 2014 Dr. Rodney Thompson Superintendent.

Planning for School Implementation. Choice Programs Requires both district and school level coordination roles The district office establishes guidelines,

Research and Education Networking Information Sharing and Analysis Center REN-ISAC Doug Pearson Director, REN-ISAC

Capacity Building & the European Community Research Framework Programme: (FP7) Alan Edwards European Commission.

1 REN-ISAC Update Research and Education Networking Information Sharing and Analysis Center Joint Techs Madison WI July 2006.

Internet2 Abilene & REN-ISAC Arbor Networks Peakflow SP Identification and Response to DoS Joint Techs Winter 2006 Albuquerque Doug Pearson.

Resources for Meeting Internet Safety Requirements Cheryl Elliott James Madison University Bill Johnsen Virginia Beach City Public Schools Educational.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center Doug Pearson REN-ISAC Director Internet2 Security WG BoF October 14,

Session Materials  Wiki   Wireless  Network: OpenAir  Password:

Singapore Compact for CSR: The CSR Movement in Singapore Presentation by: Mr Thomas Thomas - Executive Director, Singapore Compact for CSR -Chair, Singapore.

INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.

SIC: Small Business Recommendations Amy Jo Moore Speaker of the Senate Oct

Capacity Building in: GEO Strategic Plan 2016 – 2025 and Work Programme 2016 Andiswa Mlisa GEO Secretariat Workshop on Capacity Building and Developing.

Earth’s Mightiest Heroes: Combating the Evils Lurking in Cyberspace

Higher Education Information Security Council

Cybersecurity Summit 2009 Doug Pearson

InCommon Steward Program: Community Review

Module 5 Liaison and Managing Relationships with Stakeholders

Essential Elements: Schools-to-Watch Program

Chapter to Provide Title

Presentation transcript:

Security Professionals Conference May 2008

REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher education and research (R&E) communities, through : the exchange of sensitive actionable information within a private trust community, the provision of direct security services, and serving as the R&E trusted partner within the formal ISAC community.

Benefits of Membership Get and share practical defense information in a private trust community Establish relationships with known and trusted peers Benefit from vendor relationships (e.g. Microsoft SCP) Participate in technical security webinars Participate in REN-ISAC meetings, workshops, & training 24x7 REN-ISAC Watch Desk Have access to active threat and other sensitive data feeds, e.g. for local IP and DNS block lists, sensor signatures, etc. 2nd annual R-I Member Meeting held here…Tuesday.

Membership Membership is open to: –institutions of higher education, –teaching hospitals, –research and education network providers, and –government-funded research organizations; –international, although focused on U.S. Currently, membership guidelines are roughly: –must have organization-wide responsibilities for cyber security protection and response, –must be permanent staff, and –must be vouched-for (personal trust) by 2 existing members –

Membership People Orgs

REN-ISAC is a Cooperative Effort Member participation is a cornerstone of REN-ISAC Advisory Groups –Executive Advisory Group: IU, LSU, Oakland U, Reed College, U Mass, UMBC, U Montana, Internet2, and EDUCAUSE –Technical Advisory Group: Cornell, IU, Neustar, MOREnet, Team Cymru, UC Berkeley, U Mass, U Minn, U Oregon, and WPI Analysis Teams –Microsoft Analysis Team: Colorado, IU, NYU, UIUC, U Washington Service development teams –numerous Dedicated resource contributors: IU, LSU Other major, e.g. systems, tools, coordination, etc. –Buffalo, Brandeis, WPI, and MOREnet

Information Sharing REN-ISAC is a private trust community which provides: A safe zone for the sharing of organizational incident experience which may not otherwise be shared. Protection for information which if publicly disclosed would abet malware writers. Protection for information about methods and sources.

Information Resources REN-ISAC members Information sharing relationships (multiple, formal and informal) Direct reconnaissance Other sector ISACs Global Research NOC at IU (R&E backbone networks) Vendor relationships Network instrumentation and sensors –Internet2 Abilene network backbone netflow Arbor Peakflow SP for DDoS discovery –REN-ISAC darknet

Notifications Sent

For example, 2 periods of notifications quickly and dramatically blunted the severity of Storm infections in EDU

Note: The Microsoft MSRT (Malicious Software Removal Tool) is updated for Storm on 9/11

Summer ‘08 Two-Tiered Membership Goal is to achieve broader reach while still maintaining a strong-trust core “General” membership = the entry-level tier –A CIO (or equivalent) appoints General members – one or more full-time staff who meet eligibility requirements. Personal trust vouches are not required, but nominations are open to dispute “XSec” membership = the e(X)tra (Sec)ure tier –Additional membership criteria, and two vouches of personal trust are required from existing XSec members

Membership Fees Membership is currently free, necessary growth and value to the community is not sustainable. Beginning July 1, 2009 a nominal membership fee will be instituted. The fee is not finalized, but we anticipate yearly per-institution cost will be very low.

Priorities for the Coming Year Not in priority order: Membership growth Implement the two-tiered membership model Implement a sustainability & growth business plan Facilitate various forms of member involvement and contribution Development of additional information sharing relationships, and care and feeding of existing relationships Assessment of current services and member needs Scanning services project Various tool and service projects

Contacts 24x7 Watch Desk: +1(317) Doug Pearson, Technical Director Mark Bruhn, Executive Director Gabriel Iovino, Principal Security Engineer