Presentation is loading. Please wait.

Presentation is loading. Please wait.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10, 2008 1.

Published byReyna Starnes Modified over 10 years ago

Similar presentations

Presentation on theme: "REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10, 2008 1."— Presentation transcript:

1 REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10, 2008 1

2 REN-ISAC Mission Aid and promote cyber security protection and response within the higher education and research (R&E) communities through the sharing of actionable information within a private trust community. Support the protection of national cyber infrastructure by serving as the R&E trusted partner within the formal ISAC community. 2

3 History of the REN-ISAC Established by Indiana University in 2003 EDUCAUSE/Internet2 Security Task Force supported it as an ISAC for the research & education community with DHS. Began working with DHS in late 2003/early 2004. In 2006, HEAG requested Microsoft partner with REN to enhance communication and support of security for Microsoft products in higher education. – The partnership agreement was completed in late November 2006. – REN forms Microsoft Analysis Team to work with Microsoft on security issues. In 2007, REN forms executive advisory group. 3

4 Current Membership As of July 1, 2008 – 252 institutions are represented – 499 individuals have been vetted into the trust community Most institutions are research universities though we have a few small liberal arts colleges and a small number of comprehensive universities 4

5 REN-ISAC Executive Advisory Group Present REN EAG * Term expires 7/1/08 but staying on another year. ** Term expired 7/1/08 and seat is open Provides advice to Indiana on the direction and policies the REN should pursue. Current focus has been on broadening membership, identifying services that members need, and developing a sustainable business model to support those services. 5 Theresa Rowe, Oakland UnivMarty Ringle, Reed College Brian Voss, LSURay Ford, U. of Montana ** Jack Suess, UMBC*Rodney Petersen, Educause Ken Klingenstein, Internet2Mark Bruhn, Indiana University

6 REN-ISAC Business Model Goal – Generate funding for sustainable REN-ISAC operations, and provide a model that supports scaling of reach to all of U.S. higher education. Direct or in-kind funding for services will come from the following sources: – Member institution fees – Indiana University – EDUCAUSE, Internet2 or other groups focused on support of R&E networking and security – Individual or institutional in-kind contributions to group projects 6

7 REN-ISAC Business Model All revenue generated by the REN-ISAC is used to fund services provided to the R&E community. Voluntary member contributions of staff time and expertise are used to keep fees as low possible. A set of financial principles and guidelines, published to the members, will guide revenue generation and expenditures. A financial review will be conducted once yearly with participation of the Executive Advisory Group. 7

8 Planned Member Growth

9 “General” REN-ISAC Membership General membership is open to all R&E institutions, teaching hospitals, and R&E network providers – CIO (or equivalent) appoints representatives – one or more full-time staff who meet eligibility requirements Services – Participate in the private trust community – Have access to known & trusted contacts in R&E – Receive the Daily Watch report, Alerts, Advisories, and other actionable protection and response information – Benefit from vendor relationships (e.g. Microsoft SCP), and relationships in the broad security community – Participate in security webinars – Participate in REN-ISAC meetings, workshops, & training – Have access to the 24x7 REN-ISAC Watch Desk 9

10 “XSec” REN-ISAC Membership XSec membership provides all General membership benefits, plus additional XSec-only services. To qualify for XSec membership, the individual must: – Be a principal security representative for the institution – Devote more that 50% of time to security work – Receive trustworthiness vouches from XSec members – Submit an application Additional services: – XSec private trust & community plumbing – Active threat and other sensitive data feeds 10

11 Membership Fees Institution General: $700/year Institution XSec: $900/year The fee is per-institution, irrespective of the number of REN-ISAC members from the institution. If one or more members at an institution are XSec, the institution pays the XSec fee. 11

12 Other REN-ISAC Services REN-ISAC will continue to work with the community to identify and develop new services and information products. Software developed by the REN-ISAC will generally be available as Open Source. Over time, the REN-ISAC may add services targeted directly for individual campuses, such as log analysis, penetration testing, and network scanning. These institution-specific services may require a separate fee. 12

13 General Announcement Target a general announcement in early July Hold a webinar on decision with members. Work with Rodney/Mark to identify leaders at institutions; and EAG will write to them. Hold BOF’s at Internet2 Member Meeting in October and the Educause Conference in October. Generate additional mailing of member brochure in late January 2009 with invoice. 13

14 Membership Goals for 2008 Focus is on reaching out to different regions to identify groups and explain the value proposition for joining the REN. Work to meet with HBCU’s, community colleges, mid-size, and small colleges to understand needs. Add 100 general members to the REN Begin development of new services

15 Connection to Microsoft REN-ISAC Microsoft Analysis Team (MAT) provides monthly update on planned security patches and feedback from REN to Microsoft. REN-ISAC running a webinar on machine forensics for VISTA. REN-ISAC mailing list had 2700 messages in last year. HEAG support has been critical to the REN’s success and the REN-ISAC wants to focus on making the transition to VISTA secure.

16 REN-ISAC Security Cooperation Program (SCP) Status REN-ISAC representing US Higher Ed joins the Microsoft Security Response Alliance via SCP agreement – 24x7 HELPSEC line – Direct access into Microsoft security teams via MSRC Manager (Zot O’Connor) – Dedicated URL for malware submission – REN-ISAC welcomed into ISP GIAIAS meetings and joint projects – Microsoft will sponsor REN-ISAC for membership in Digital PhishNet (DPN)

17 Training Support to the Community Microsoft is working with the REN – Vista Forensics class (3 days) – Defend the Flag (2 days) REN is working with the STF on how we support the community with VISTA security – REN Webinars on focused topics – STF presentation at conferences

18 AMSAC Issues What will the evolution of the REN to a fee- for-service model mean for I2 ? Should I2 continue to support the REN financially? How can I2 leverage the REN to better support security within the I2 community? Are there additional research issues that I2 and the REN can collaborate on?

Download ppt "REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10, 2008 1."

Similar presentations

UCSC History. UCSC: A brief history 60s University Placement Committee A lot of field trips/interaction with employers.

UCSC History. UCSC: A brief history 60s University Placement Committee A lot of field trips/interaction with employers.
Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.

Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.
HEISC Town Hall Webinar: 2012-2013 Strategic Plan Host: Larry Conrad CIO, UNC-Chapel Hill & HEISC Co-Chair.

HEISC Town Hall Webinar: Strategic Plan Host: Larry Conrad CIO, UNC-Chapel Hill & HEISC Co-Chair.
Internet2, CENIC and Merit: Partnering to Deliver Cloud Services to California.

Internet2, CENIC and Merit: Partnering to Deliver Cloud Services to California.
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
REN-ISAC Update Doug Pearson, REN-ISAC Technical Director DICE 12 February 2008 Athens, Greece 1.

REN-ISAC Update Doug Pearson, REN-ISAC Technical Director DICE 12 February 2008 Athens, Greece 1.
NEW CoEs STRATEGY. CoE CoEs Network Why? Changing sector environment New capacity building responses When? WTDC-10 Resolution 73 What? New CoEs strategy.

NEW CoEs STRATEGY. CoE CoEs Network Why? Changing sector environment New capacity building responses When? WTDC-10 Resolution 73 What? New CoEs strategy.
REN-ISAC Research and Education Networking Information Sharing and Analysis Center.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
Www.umbc.edu EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess February 3, 2004.

EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess February 3, 2004.
Higher Education-Industry Collaborations to Improve Security Joy Hughes, George Mason University Peter Siegel, University of California, Davis Jack Suess,

Higher Education-Industry Collaborations to Improve Security Joy Hughes, George Mason University Peter Siegel, University of California, Davis Jack Suess,
1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,

1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,
Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.

Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.
Serving MERLOT on Your Campus Gerry Hanley California State University and MERLOT Seminars on Academic Computing August 7, 2002 Snowmass CO Copyright Gerard.

Serving MERLOT on Your Campus Gerry Hanley California State University and MERLOT Seminars on Academic Computing August 7, 2002 Snowmass CO Copyright Gerard.
School Councils 101 Fall School Council Orientation Forum YRDSB 2009.

School Councils 101 Fall School Council Orientation Forum YRDSB 2009.
BCNET Security Policies Jens Haeusser Information Security Officer, UBC and Chair, Security Working Group, BCNET Internet2 Joint Techs Vancouver, BC July.

BCNET Security Policies Jens Haeusser Information Security Officer, UBC and Chair, Security Working Group, BCNET Internet2 Joint Techs Vancouver, BC July.
Security Professionals Conference May 2008. REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within.

Security Professionals Conference May REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within.
Network Security Resources from the Department of Homeland Security National Cyber Security Division.

Network Security Resources from the Department of Homeland Security National Cyber Security Division.
AN INVITATION TO LEAD: United Way Partnerships Discussion of a New Way to Work Together. October 2012.

AN INVITATION TO LEAD: United Way Partnerships Discussion of a New Way to Work Together. October 2012.

Similar presentations

Ads by Google