Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess January 21, 2004.

Published byNatalie Collins Modified over 9 years ago

Similar presentations

Presentation on theme: "Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess January 21, 2004."— Presentation transcript:

1 www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess January 21, 2004

2 Jack@umbc.edu 2 Security Task Force www.educause.edu/security/task-force.asp The web site provides information on the task force members, activities, initiatives, and links to a number of security resources. Today I will briefly discuss a few of the initiatives underway that we hope are responding to the needs of higher education.

3 Jack@umbc.edu 3 REN-ISAC at Indiana University Indiana’s Global NOC has a unique view of network connections among universities on Internet2 (e.g. Slammer or Nachi traffic) The REN-ISAC has 7x24 network and security expertise on site. They have access to DHS and the other 12 industry ISAC’s for early warning information The REN-ISAC is working on ways to summarize and disseminate findings Visit www.ren-isac.net

4 Jack@umbc.edu 4 Vendor Engagement Vendor practices have a significant impact on higher education security EDUCAUSE established the Cyber Security Forum to develop linkages with the vendor community. Members include - Microsoft, IBM, Dell, HP, Datatel, PeopleSoft, Oracle, Cisco, Apple, Sun, and SCT Members of the task force visited Microsoft in September to explain the needs of higher education. Microsoft has been very responsive to suggestions.

5 Jack@umbc.edu 5 Legal Issues and Institutional Policies Commissioned a white paper on higher education legal issues related to IT Security We are working closely with other higher education groups to make security a priority throughout higher education This fall we released the EDUCAUSE book - Computer and Network Security in Higher Education NSF Workshop resulted in Principles to Guide Efforts to Improve Computer and Network Security in Higher Education We continue to make connections with the federal government agencies -- NIST, DHS, and NSA regarding security –Task force is actively participating in National Cyber Security Forum task forces

6 Jack@umbc.edu 6 Risk Assessment and Tools Risk assessment is a critical component in developing a campus IT Security Plan We have worked with the CMU Software Engineering Institute (SEI) to learn the SEI OCTAVE risk assessment process and are working to streamline this for Higher Education We continue to build partnerships with the auditing community. Rob Clark, Director of Internal Audit for Ga. Tech. Has joined the task force and will be leading an initiative on risk management in higher ed

7 Jack@umbc.edu 7 Research and Development Initiatives Members of the task force are participating in two R&D activities: Ken Klingenstein of U. of Colorado and Internet2 is leading a group named Security @ Line Speed (S@LS). The purpose: How does higher education balance security and performance in advanced networks Computer Incident and Factor Analysis Categorization (CIFAC) project led by Dr. Virginia Rezmierski of U. of Michigan is looking at incident classification.

8 Jack@umbc.edu 8 Education and Awareness Initiative Security and awareness is consistently listed as a critical need. Less 40% of institutions have active awareness programs Mark Bruhn of Indiana and Kelley Bogart of U. of Arizona are co-chairing our security awareness working group. Last week we held a 1.5 day workshop to identify how to make quick progress and what to focus on for long-term needs This working group is working closely with the National Cyber Security Summit sub- committee on Awareness Finally, May 16-18 we will hold the 2nd Annual Security Professionals Workshop in Washington, D.C.

9 Jack@umbc.edu 9 Effective Practices Initiative The goal of the initiative is to identify and publicize practical approaches to preventing, detecting, and responding to security problems University security officers and supporting staff solicit, develop, and review the submitted practices. Effective instead of best because higher education is too diverse for a one-size fits all approach that best implies. We hope to have multiple entries per topic from different institution types

10 Jack@umbc.edu 10

11 Jack@umbc.edu 11 Effective Security Practices Guide Focus Areas Online at the www.educause.edu/security/guide Contents include Education, Training and Awareness Risk Analysis and Management Security Architecture Design Network and Host Vulnerability Assessment Network and Host Security Implementation Intrusion and Virus Detection Incident Response Encryption, Authentication & Authorization Presently we have 25 practices available

12 www.umbc.edu Evolution of Security Practices

13 Jack@umbc.edu 13 Resources and Events Resources www.educause.edu/security security.internet2.edu www.ren-isac.net Events 2nd Security Professionals Workshop May 16-18, 2004 in Washington, D.C.

Download ppt "Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess January 21, 2004."

Similar presentations

The University of Best Practices American Society of Civil Engineers Student Chapter.

The University of Best Practices American Society of Civil Engineers Student Chapter.
Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.

Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.
REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10, 2008 1.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10,
Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.

Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Campus Approaches to Improving Cyber Security Awareness Presented by: Krizi Trivisani, Chief Security Officer The George Washington University EDUCAUSE.

Campus Approaches to Improving Cyber Security Awareness Presented by: Krizi Trivisani, Chief Security Officer The George Washington University EDUCAUSE.
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
1 © 2003 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID THE NETWORK SECURITY CHALLENGE Jack Suess CIO University of Maryland Baltimore.

1 © 2003 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID THE NETWORK SECURITY CHALLENGE Jack Suess CIO University of Maryland Baltimore.
Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.
SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.

SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
1 Effective Cybersecurity Practices for Higher Education Educause Southeast Regional Conference Seminar 1A June 6, 2005 Mary Dunker Virginia Tech Tammy.

1 Effective Cybersecurity Practices for Higher Education Educause Southeast Regional Conference Seminar 1A June 6, 2005 Mary Dunker Virginia Tech Tammy.
Www.umbc.edu EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess February 3, 2004.

EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess February 3, 2004.
1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.

1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.
Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.
Information Assurance and Higher Education Clifton Poole National Defense University Carl Landwehr National Science Foundation Tiffany Olson Jones Symantec.

Information Assurance and Higher Education Clifton Poole National Defense University Carl Landwehr National Science Foundation Tiffany Olson Jones Symantec.
1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,

1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,
© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.

© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.
Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.

Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.
Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.

Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.

Similar presentations

Ads by Google