MISSION: The mission of the information security office is to assist in building a security aware university culture through education and technical.

3 MISSION: The mission of the information security office is to assist in building a security aware university culture through education and technical assistance to all university stakeholders and to promote the safe and secure use of information technology resources.

4 GOAL – CYBER RESILIENT UNIVERSITY
• SIG – Information Risk Management
• ISO – Broad Operational Security
• COBIT – Governance
• STIX – Threat Intelligence
• NIST – Topical Standards Guidance

5 WHAT WE DO:
• Assist in the development of processes, procedures, and policies for the protection of confidential information, the protection of individuals' privacy, and the protection of university information resources
• Assist in the identification and mitigation of information security risks
• Assist with defining security requirements
• Assist university units in achieving their compliance requirements based on applicable laws, regulations, and best practices
• Provide assistance to users and departments regarding information security issues and the resolution of information security issues
• Improve campus awareness of information security through communication, open dialogue, and training activities

6 EVOLUTION OF INFORMATION SECURITY
Stages: IT Security, Information Security, IT Risk Management, Information Risk Management
Periods: 1990 - 1998, 1999 - 2004, 2005 - 2014, 2015 - ????

7 EDUCATIONAL INSTITUTIONS ARE AMONG THE MOST VULNERABLE BECAUSE THEY HOLD TREASURE TROVES OF PERSONAL INFORMATION - San Francisco Business Times -

8 FORCES ON INFORMATION SECURITY

9 AWARENESS USL Program – Reboot Awareness & Training

10 INFORMATION SECURITY RISK MANAGEMENT PROGRAM:
• Enterprise Risk Assessment
• Threat Assessment
• Unit Based Risk Assessment
• Individual Project/Proposal Risk Assessment
• Risk & Threat Mitigation Strategies
• Coordination with Internal Audit

11 MASTER DATA ACCESS PLAN: Policies, Procedures, Guidelines & Standards, Master Data Access Plan

12 CYBER EVENT RESPONSE: IT Cyber Event Response Plan
The University IT Cyber Event Response Plan (i.e., IT-CERT Plan) includes the following tasks:
I. Detection – Identification and Reporting
II. Containment
III. Eradication
IV. Recovery
V. Follow-up

13 EVENT CLASSIFICATIONS: Event (or Cyber Event) Potential Event Non-Event Response Event Incident Potential Breach Breach

14 THE SECURITY JOURNEY: Ad Hoc, Business Aligned, Risk Based, Intelligence Driven, Threat Based, Compliance Based, Infrastructure Based

15 FINAL THOUGHTS
• Many exciting things are happening
• We are always here to help
• We can’t do this alone, Information Security requires everyone
Contact Information: Kevin Crouse: (309) 438-5533 ktcrous@ilstu.edu

16 QUESTIONS?
