UAB IT Security Program Sallie Wright UAB AVP, Information Technology.

Slides:



Advertisements
Similar presentations
Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.
Advertisements

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
HIPAA Security Risk Overview Lynne Shoemaker, RHIA, CHP, CHC OCHIN Integrity Officer Daniel M. Briley, CISSP, CIPP Summit Security Group.
David A. Brown Chief Information Security Officer State of Ohio
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
Ray Greenlaw, School of Computing Armstrong Atlantic State University 1 Regional Center for Cyber Security Education and Training January 2003.
Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.
Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Security Controls – What Works
OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
Public Safety & Institutional Assurance COMMUNICATING EXCELLENCE TOGETHER 2011 INDIANA UNIVERSITY COMMUNICATIONS & MARKETING CONFERENCE.
August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Manage and Safeguard Your BC Career Cheyene Haase BC Management, Inc.
Alliance for Strategic Technology (AST) SUNY Business Intelligence Initiative January 8, 2009.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.
Overview 4Core Technology Group, Inc. is a woman/ veteran owned full-service IT and Cyber Security firm based in Historic Petersburg, Virginia. Founded.
Systemic Barriers to IT Security Findings within The University of Texas System Clair Goldsmith, Ph.D., Associate Vice Chancellor and CIO Lewis Watkins,
OU INFORMATION SECURITY & RISK MANAGEMENT ISA – February 4, 2015.
Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Website Hardening HUIT IT Security | Sep
Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.
Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.
Re-organizing Information Technology University at Buffalo.
Information Mark Bragg Associate Vice President for Information Technology & Chief Information Officer OIT Mission Statement To provide.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Security Training & Awareness on a Budget Presented by: Calvin Weeks, (CISSP), CISM, EnCE.
HIT Standards Committee Privacy and Security Workgroup: Initial Reactions Dixie Baker, SAIC Steven Findlay, Consumers Union June 23, 2009.
Top Issues Facing Information Technology at UAB Sheila M. Sanders UAB Vice President Information Technology February 8, 2007.
EECS 710: Information Security and Assurance Assignment #3 Brent Frye 10/13/
LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.
Security is not just… 1 A Compliance Exercise Certification and Accreditation FISMA.
Public Health Data Standards Consortium
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
1 (ISC) 2 Conference Oct, 2008 Presented by Shin, Soojung Dr. Soojung shin, CISSP, Executive Vice President, Infosec, Korea.
SAS ‘05 Reducing Software Security Risk through an Integrated Approach David P. Gilliam, John D. Powell Jet Propulsion Laboratory, California Institute.
CAURA Ontario 2013 November 25, 2013 Presented by: Susan Munro, Assistant Director, Research Finance, McMaster University Annie Rémillard, Team Leader,
Data Breach: How to Get Your Campus on the Front Page of the Chronicle?
Converting Policy to Reality Designing an IT Security Program for Your Campus 2 nd Annual Conference on Technology and Standards May 3, 2005 Jacqueline.
Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &
Security Trends & Industry Insights
TAX-AIDE CO1 District Coordinator Training & Orientation 1 October 7, 2015.
IBM State and Local Government Team Strategic Vision to Transform Government in Arizona – December 20, Presentation to Society for Information Management.
The IT Vendor: HIPAA Security Savior for Smaller Health Plans?
Agency Name Security Program FY 2009 John Q. Public Agency Director/CIO/ISO.
E NGINEERING STUDIES IN T ELECOMMUNICATIONS S ECURITY School of Communication Engineering.
Welcome and Introduction to the Security Task Force Peter Siegel Co-Chair, Security Task Force Chief Information Officer and Vice Provost University of.
Robert Ono Office of the Vice Provost, Information and Educational Technology September 9, 2010 TIF-Security Cyber-safety Plans for 2010.
Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.
NDSU Personal Safety and Security Assist. Project Introduction Leverages: –People and Partnerships –Philosophies –Centralized and Integrated Systems.
KSU’s Quality Enhancement Plan.  Current Core Requirement 2.12  The institution has developed an acceptable Quality Enhancement Plan (QEP) that (1)
Managed IT Services JND Consulting Group LLC
BruinTech Vendor Meet & Greet December 3, 2015
Cybersecurity - What’s Next? June 2017
OHIMA 2010.
Capabilities Matrix Access and Authentication
Introduction to the Federal Defense Acquisition Regulation
By: Tekeste Berhan Habtu Chief Executive Officer Venue: African Union
National Cyber Security
Biosurveillance and the National Health IT Agenda
Information Technology Organization Overview RFP #220-05
MicroToken Exchange Data Security Solutions
Presentation transcript:

UAB IT Security Program Sallie Wright UAB AVP, Information Technology

Agenda UAB Cyber Security Awareness Symposium October 20, :00–9:05WelcomeDr. Doug Rigney, Interim Vice President 9:05–9:15Current State of IT Security at UABSallie Wright, Assistant Vice President 9:15–9:20Recognition of CISSPsSallie Wright, Assistant Vice President 9:20–9:40Security & Jeff Jessee, Asst. Director, Infrastructure Services 9:40–10:00Data Loss/ARRA/HIPAATerrell Herzig, Information Security Officer, HSIS 10:00–11:00Implementing ISO 27001/27002 in Higher EducationTammy Clark, Georgia State 11:00–11:20Break 11:20–12:00Dell’s Approach to Enterprise Information Security Dale Whiteaker-Lewis, Dell IT Security Consultant 12:00–12:20High Performance Computing/caBIG John Sandefur, Information Systems Manager John-Paul Robinson, System Programmer Lead 12:20–12:40Break/Lunch 12:40–1:00Equipment SurplusMichael Thorn, Information Security Specialist 1:00–1:20Infrastructure Security David Wolford, Communications Network Specialist 1:20–1:40Encryption & Pod SlurpingSean Maher, Information Security Coordinator 1:40–2:00Software BundlesChris Green, Information Security Specialist 2:00–2:10Break 2:10–2:40*Security/Forensics Careers - NCFITBD 2:40–3:05*Safety in Social NetworkingBrandon Cain, Information Security Coordinator 3:05–3:30*Securing Your ComputerBrandon Cain, Information Security Coordinator 3:30– Wrap-upSallie Wright, Assistant Vice President *of interest to students

UAB Information Security  Mission  Protected computing everywhere  Support the University’s mission of research, education and service  Objectives  World class security program  Recognized as the national leader for excellence in information assurance across higher education 3

Higher Ed Trends in IT Priorities

IT Priorities at UAB  Top 3  Administrative and Student Information Systems (ERP)  Increased Support for Teaching and Learning  Increased Information Security  2008 – 2009 Top 3  Support for Research  Increased Support for Teaching and Learning  Increased Information Security

Security Programs Stages of Excellence Stage 4 Stage 3 Stage 2 Stage 1 World Class program Excellent results World Class program Excellent results Advanced security program Limited fire fighting, most processes in place Advanced security program Limited fire fighting, most processes in place Basic security program Fire fighting with some processes in place Basic security program Fire fighting with some processes in place No real security program Mostly fighting fires No real security program Mostly fighting fires Stages of Excellence

Stage 1 No real information security Program Mostly fighting fires

Stage 2 Basic security program Fire-fighting with some processes in place Basic security program Fire-fighting with some processes in place

Stage 3 Advanced security program Limited fire fighting, most processes in place Advanced security program Limited fire fighting, most processes in place

Stage 4 World Class program Excellent results World Class program Excellent results

11

IT Security Central Resources Sallie Wright Chris Green Michael Thorn Sean Maher Brandon Cain14

UAB Security Initiatives Recent Accomplishments Intrusion DetectionRESNET NACComputer Forensics LabWhole Disc Encryption In Process Electronic Messaging Security Application Penetration Testing Lab caBig Security Framework On the Horizon Campus Wide Security Training & Certifications PCI Compliance Risk & Security Assessments eDiscovery 15

UAB Security Initiatives AccomplishmentsIn ProcessOn the Horizon Electronic Messaging Security Research Security Planning UAB Information Security Enterprise Council Application Penetration Testing Facility JRE UpgradesCell Phone and Removable Media Encryption Deployment Electronic Media Destruction 2 Factor AuthenticationIT Technical Coordinators Forensics Service CenterPCI CompliancePolicies, policies, policies Campus Wide Security Training and Certifications ARRA HIPAA Privacy Breach Notifications IDM caBig Security FrameworkBundle Images Laptop Encryption

Security Services  Computer Forensics & Investigations  Application Penetration Testing  Risk Vulnerability Assessments  Incident Response  Security Planning  Security Architecture  Electronic Messaging Security  Anti-Virus Protection 17

IT Technical Coordinators  Deans appointed IT technical coordinators  Build communications and partnerships with the schools  Ensure coordination of university-wide solutions with school-based initiatives  UAB Computer Incident Response Team membership  Participate in the selection of new UAB-wide solutions 18

UAB Security Stats Computer Forensics Risk Assessments Pen Tests Help Tickets Copyright Violations Virus Infections

Information Security Certifications  CISSP – Certified Information Systems Security Professionals  Course attended by 29 participants  Testing completed by 26; 2 scheduled for December  Confirmed 15 New CISSP’s across campus 20

UAB Information Security Enterprise Council  Purpose  To provide insight into the IT security needs of UAB  To assist with ensuring IT security posture continues to be strengthened across UAB  To help identify opportunities to improve IT security  To participate in the review of the IT security plan and to recommend the priorities for best meeting the information security needs of UAB

Congratulations to….CISSP’s Phillip CottonAshley FlemingFran Fabrizio Chris GreenEd HarrisTerrell Herzig Jerry LawrenceSean MaherLarry Owen Rajesh PillaiBrian RosenowEric Rzeszut John SandefurDr. Feng SunMichael Thorn

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.