Embed Size (px)
Citation preview
Higher EducationCybersecurity Strategy, Programs, and Initiatives
Rodney Petersen
Policy Analyst & Security Task Force Coordinator
EDUCAUSE
Higher Ed & Cybersecurity
Through its core mission of teaching and learning, it is the main source of our future leaders, innovators, and technical workforce.
Through research, it is the basic source of much of our new knowledge and subsequent technologies.
As complex institutions, colleges and universities operate some of the world’s largest collections of computers and high-speed networks.
Aim of Cybersecurity
Confidentiality - Computers, systems, and networks that contain information require protection from unauthorized use or disclosure.Integrity - Computers, systems, and networks that contain information must be protected from unauthorized, unanticipated, or unintentional modification.Availability - Computers, systems and networks must be available on a timely basis to meet mission requirements or to avoid substantial losses.
Strategic Goals of the Security Task Force
The Security Task Force received a grant from National Science Foundation to identify and implement a coordinated strategy for computer and network security for higher education. The following strategic goals have been identified: Education and Awareness Standards, Policies, and Procedures Security Architecture and Tools Organization and Information Sharing
Awareness and Training
GoalTo increase the awareness of the associated risks of computer and network use and the corresponding responsibilities of higher education executives and end-users of technology (faculty, staff, and students), and to further the professional development of information technology staff.
Programs Outreach to Higher Ed Associations and Beyond Annual Security Professionals Conference Education & Awareness Working Group
Initiatives Leadership Book on Computer & Network Security for Higher Ed National Cyber Security Awareness Month Cybersecurity Awareness Resource CD Executive Awareness, Student Awareness, & Training of IT Staff
Standards, Policies, & Procedures
GoalTo develop information technology standards, policies, and procedures that are appropriate, enforceable, and effective within the higher education community.
Program EDUCAUSE D.C. Office - Public Policy and Government Relations Institute for Computer Policy and Law Policies and Legal Issues Working Group Risk Assessment Working Group
Initiatives Principles to Guide Efforts to Improve Computer and Network
Security in Higher Education “IT Security for Higher Education: A Legal Perspective” Collection of Security Policies & Procedures Information Security Governance Assessment Tool CISWG Report: “Best Practices & Metrics for Information Security”
Security Architecture and Tools
GoalTo design, develop, and deploy infrastructures, systems, and services that incorporate security as a priority; and to employ technology to monitor resources and minimize adverse consequences of security incidents.
Programs Effective Practices & Solutions Working Group Internet2 Security Initiatives – SALSA: Security at Line Speed PKI, Middleware, and Identity Management Initiatives
Initiatives Effective IT Security Practices Guide Whitepaper on Automating Network Policy Enforcement Information Security Governance Assessment Tool Center for Internet Security Benchmarks
Organization & Info Sharing
GoalTo create the capacity for a college or university to effectively deploy a comprehensive security architecture (people, process, and technology), and to leverage the collective wisdom and expertise of the higher education community.
Programs Security Discussion Group Annual Security Professionals Conference Research & Education Networking ISAC (REN-ISAC) Cyber Security Forum for Higher Education National Cyber Security Partnership Partnership for Critical Infrastructure Security
Initiatives Supporting State/Regional Security Efforts Incident Response/Handling
For more information
EDUCAUSE/Internet2 Security Task Force
www.educause.edu/security
Rodney Petersen
202.331.5368
