Download presentation
Presentation is loading. Please wait.
Published byArthur Logan Modified over 6 years ago
1
Navigating Security Seas in a Small Ship with a Limited Crew
Gary Blackard, VP Strategy & Innovation and CIO, Evangel University Derek Densberger, CIO, Vanguard University
3
“Someone is sitting in the shade today because someone planted a tree a long time ago” - Warren Buffett
4
Data Average Dwell Time in U.S. in 2017 = 99 days1
Revenue losses of up to $300M for leading global companies2 28% of organizations view cyber insurance as a substitute for cyber-defense investment3 66% claim their in-house cyber security capabilities are adequate yet 80% said they were breached within past year3 61% of organizations mandate cyber security awareness training for all employees3 Fire Eye Trends Report 2. Gartner Research 3. AT&T Global State of Cybersecurity report
6
Evangel’s Timeline
7
Vanguard’s Timeline Vanguards strategy began in late 2015 and has continued to build each year.
Deployed new Fortinet firewall Migrated students to Office 365 Encrypted all mobile hard drives Deployed KnowBe4 Solution and began Phishing exercises MFA deployed for all staff Implement Cloud App security Deploy MFA to students using Azure Identity protection Deploy MFA on VPN using existing cloud security system Implement Azure Information Protection to be able to track documents and control access KnowBe4 Phishing publicly 2017 2016 2018 MFA deployed to all students Domain admins and system administrators assigned secure accounts for admin work. Deployed KnowBe4 to measure campus Hardened Servers/ firewalls
8
Infrastructure Firewalls –A must have, not an option
Firewalls are the first line, and sometimes only line of defense. We all know that there is no perfect firewall that stops every attack. Having a decent firewall takes time and often money to hack which detours most hackers. A good firewall can be expensive and hard to attain for a small university. Determine what your need is, do your research and reach out to other universities to gain their insights Most if not all systems come with a base firewall. Take the time and effort to set it up and use it Campus firewall – Protect from the outside Server Firewalls – Protect between systems Mobile device firewalls - Protection while traveling
9
Infrastructure Threat Detection Know where your risk is at
Threat detection plays a critical role in protecting data from advanced and persistent malware attacks. Know where your risk is at Evaluate your options Have a Plan
10
Infrastructure Antivirus – Anything is better then nothing
The importance of having antivirus on individual machine (corporate and student) is vital to protecting your campus and data. Affordable solutions are available to help protect your campus and if budget is an issue, A freeware is still better then nothing. Vanguard is using: Forticlient antivirus on each personal device which was made available as part of the firewall purchase Office 365 antivirus for scanning
11
Raising security awareness
Never let a cyber event go to waste – Every cyber attack you are aware of needs to be communicated out to your campus. Numbers are louder than words – Provide regular updates to your campus on the number of s blocked or attacks prevented Create cyber security muscle memory – Repetitive training helps your campus become accustom to threats and how to handle them Test your own campus – Use a tool to perform your own attacks on your campus. You learn the most from active testing.
13
Communication to staff/faculty
Every communication must have a why (a purpose) and give clear, concise information or direction. Keep communications as short as possible. Say more with less. If action is required, make that action clear. Examples and stories resonate more than technical jargon.
14
One Step at a Time High end security plans are expensive and often hard to fund when you try to do it all at once. Make at least one improvement a year to one of these areas and before long you will have security for you system
15
What you can do now Take 5 minutes and write down 2 actions you can do within the next 6 months Answer these questions Why these actions? What risks/barriers will you face? Who should be engaged?
16
Questions?
17
Thank you! Gary Blackard: gblackard@evangel.edu
Derek Densberger:
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.