Presentation is loading. Please wait.

Presentation is loading. Please wait.

JISC FRAMEWORKS FOR CYBERSECURITY Implementation at Havering College

Published byAndrzej Sikora Modified over 5 years ago

Similar presentations

Presentation on theme: "JISC FRAMEWORKS FOR CYBERSECURITY Implementation at Havering College"— Presentation transcript:

1 JISC FRAMEWORKS FOR CYBERSECURITY Implementation at Havering College

2 About FE and HE College 407 FTE staff, 6,000 students
3000 workstations 2 main sites 1 construction centre

3 Why use the Jisc Framework?
Approved tender, fixed pricing Affordable in lower quantity (helped to get initial scans in place) Range of services Tendered & approved by Jisc Account manager & College keen to make use of Jisc subscription Permission to scan the Jisc network

4 Vulnerability scan Analyse current state Remove vulnerable products
Implement additional layers of protection Upgrade to latest secure versions Inform users and management

5 Results Scanned entire IP range for active systems
Found 1 serious vulnerability (immediately removed) Some minor fixes (SSL ciphers)

6 Follow up Ensure new services are included in scan
Joomla vulnerability found on a recent point release Otherwise only “low” entries Firewall on for scans (thoughts?)

7 Phishing simulation Initial test of user awareness
>40% clicked link UCISA training follow-up Cybersecurity SD sessions Things to consider… Blanket or targeted? Internal or external style mail? Train first or phish first?

8 Phishing simulation

9 Phishing simulation Highlights a need for more robust filtering Office 365 EOP no longer fit for purpose (?) but MS will happily sell you ATP… Accounts found on haveibeenpwned spam lists Volume of phishing rapidly rising Framework for security would be useful

10 CAD P.O.C. Analyse activity of Office 365 accounts
Alert on (potentially) breached accounts Compare cost and features against Azure AD Premium

11 CAD P.O.C. At present can only do this manually
Check daily for suspicious logins (country, time etc.)

12 Other services Best practice health checks
Palo Alto SLR interesting insights into top traffic sources DNS Sinkholing Blocking CnC traffic Threat Profile

Download ppt "JISC FRAMEWORKS FOR CYBERSECURITY Implementation at Havering College"

Similar presentations

P3, M2,M3,M4.

P3, M2,M3,M4.
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.

Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
RSA Attack Analysis Karl F. Lutzen, CISSP S&T Information Security Officer.

RSA Attack Analysis Karl F. Lutzen, CISSP S&T Information Security Officer.
Summer 200811 IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.

Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.

Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.
LittleOrange Internet Security an Endpoint Security Appliance.

LittleOrange Internet Security an Endpoint Security Appliance.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
IP Blacklisting Causes & Solution Marcus Low, R&D Director InternetNow International Sdn Bhd.

IP Blacklisting Causes & Solution Marcus Low, R&D Director InternetNow International Sdn Bhd.
Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.

Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Information Technology Services 1 Copyright Copyright Marc Wallman and Theresa Semmens, 2006. This work is the intellectual property of the authors. Permission.

Information Technology Services 1 Copyright Copyright Marc Wallman and Theresa Semmens, This work is the intellectual property of the authors. Permission.
Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.

Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.
Information Security Phishing Update CTC

Information Security Phishing Update CTC
Brad Baker CS526 May 7 th, 2008 5/7/2008 1. 1. Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.

Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.

COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.

Similar presentations

Ads by Google