Download presentation
Presentation is loading. Please wait.
Published byVirginia Elfrieda Pope Modified over 6 years ago
1
Internet2 Update CSG at Yale University May 2017
PRESENTED BY: Florence D. Hudson, Senior Vice President and Chief Innovation Officer, Internet2
2
Internet2 Update Topics
TIER – Kick the tires! Please… Update on IoT Systems Risk Management and TIPPSS since Virginia Tech / Internet2 presentation on TIPPSS for IoT at Duke CSG meeting Deliverables from IoT systems risk managment task force ITANA/Internet2 Enterprise IoT working group NTIA working groups Cybersecurity research Transition To Practice (TTP) acceleration Questions / Answers
3
TIER Development Process
Community Workshop use cases/ requirements Community Developed Specifications Internet2 Contracted Software Development Internet2 Automated Testing Campus Functional Review &Testing TIER Development Process Iterative dev, test, review Assumes collaboration & tight integration with campus teams
4
Looking for TIER Tire Kickers
Next Steps Operations Environment TIER Development Cycle Reviewing TIER and Providing Feedback Starting Discussions on Campus Input/questions
5
Trust, Identity, Privacy, Protection, Safety & Security
TIPPSS - Trust, Identity, Privacy, Protection, Safety & Security – challenges for Internet of Things devices – update since Duke CSG Hacking an IoT device can have implications across multiple fronts: Trust, Identity, Privacy, Protection, Safety & Security Financial Physical Data Reputation
6
Initiatives to address TIPPSS challenges
IoT Systems Risk Management Task Force – Deliverables at April 2017 Global Summit “Finding IoT devices connected to your campus network using Shodan, Censys” brochure “IoT Vendor Management Considerations for Higher Education” document All on Internet2 CINO wiki Joint ITANA/Internet2 Enterprise Managed IoT working group – Began 1Q17 – Join us U.S. National Telecommunications & Information Administration working groups - ongoing Microsoft Campus Connections Summit Initiatives – Cybersecurity learning hub - Began 1Q17 Collaborative Innovation Community CINC UP activities - ongoing Monthly CINC UP calls on pertinent topics, e.g., Blockchain, network segmentation for IoT Cybersecurity Research Transition To Practice Acceleration workshops/matchmaking - ongoing US NSF Early Concept Grant for Exploratory Research Join us on the path forward…
7
Full document available:
Internet2 IoT Systems Risk Management Task Force: Recommends Initial Exposure Baselining via Shodan & Censys.io tools. Full document available:
8
Internet2 IoT Systems Risk Management Task Force: Developed IoT Systems Vendor Management Considerations Document. This document is intended to provide different organizations within Higher Education institutions with items to consider as they engage with IoT systems vendors at the different phases of selection, procurement, deployment and management. IoT systems are selected, acquired and deployed by higher ed institutions through multiple paths. The historical acquisition approach of selection, acquisition, deployment and management of traditional enterprise IT systems through central IT is not sufficient for IoT systems. Questions to consider in organizational approaches to IoT systems and vendor management. Who will monitor and manage the device? Is there a data feed to the device? Who will create and support it? Who will secure it? Are there trust, identity, privacy, protection, safety and/or security considerations? Is there a patch and upgrade plan? Who will do the patching? Who manages the plan? Are there interdependencies between any of these IoT systems? Who manages that? Is there a separate network segment for the IoT devices? Is it air gapped? Full document available:
9
Joint ITANA/Internet2 Enterprise IoT working group to determine and document: Where can the enterprise help to manage IoT? Who does management? Facilities Campus IT Purchasing Where and how to put management? The IP network? Data link layer controls? REST API’s What’s the business model? Governance Funding
10
U. S. National Telecommunications & Information Administration, U. S
U.S. National Telecommunications & Information Administration, U.S. Department of Commerce Efforts Multistakeholder Process for IoT Security Upgradability and Patching Technical Capabilities and Patching Expectations Working Group Capabilities Group - Components of An Update Existing Standards, Tools, and Initiatives Working Group - IoT Standards Catalog Communicating Upgradability and Improving Transparency Working Group Incentives, Barriers, and Adoption Working Group Internet2 university, regional, CINO participants
11
NSF EAGER: Cybersecurity Transition To Practice (TTP) Acceleration.
Challenge Accelerate Transition To Practice (TTP) of NSF-funded later-stage cybersecurity research into R&E environments Scientific Impact Increase awareness of cybersecurity research & capabilities Accelerate cybersecurity TTP in the near- to mid-term to make cyberspace safer Identify cybersecurity needs to inform future NSF solicitations Solution Identify & assess NSF cybersecurity research inventory Interview researchers & practitioners Leverage Internet2 community to enable “matchmaking” Deploy webinars, portal, in-person events for researcher/IT matchmaking Identify cybersecurity needs/gaps Broader Impact Enable partnership for NSF TTP with other Federal agency programs to accelerate & streamline TTP pipeline Enable more diverse R&E pipeline partnering with Society of Women Engineers and others GOAL: Accelerate Transition To Practice (TTP) of NSF funded later stage cybersecurity research into operational Research & Education (R&E) environments through applied research pilot deployments Key Elements: Enable Internet2 to serve as a “matchmaker” between academic cybersecurity researchers and IT operational staff in the R&E community Increase awareness of cybersecurity research and capabilities for the R&E community Encourage and enable pilot deployments of later stage cybersecurity research by operational users in operational environments Accelerate cybersecurity transition to practice Develop insights and a framework to enable a sustainable Transition To Practice program Approach: Develop inventory of NSF cybersecurity awards and PI’s Identify research projects with potential for applied testing Identify potential users of the cybersecurity research Interview cybersecurity researchers, practitioners, universities, agencies Identify success stories, best practices, learnings, potential synergies, & collaborations Identify cybersecurity infrastructure needs/gaps from R&E users & leaders Create matchmaking events between researchers and operational users Develop materials, people/institutional network for matchmaking enablement Webinars, one-on-one matchmaking, in-person workshops/showcases JOIN US: SHOWCASE YOUR RESEARCH ON WEBINARS, INTERNET2 GLOBAL SUMMIT Contact us: Engage the extended R&E pipeline for broader impact Utilize virtual organization/online portal to enable future matchmaking Explore development of an end-to-end cybersecurity innovation and deployment pipeline including working with other agencies, enabling a sustainable cybersecurity TTP program Award Number: Internet2 PI: Florence Hudson, SVP/Chief Innovation Officer
12
To join these efforts…email
Questions & Answers… To join these efforts… Or @FloInternet2
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.