Presentation is loading. Please wait.

Presentation is loading. Please wait.

NSF Cybersecuity Summit May 2008. REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher.

Published byLaurence Ross Modified over 8 years ago

Similar presentations

Presentation on theme: "NSF Cybersecuity Summit May 2008. REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher."— Presentation transcript:

1 NSF Cybersecuity Summit May 2008

2 REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher education and research (R&E) communities, through : the exchange of sensitive actionable information within a private trust community, the provision of direct security services, and serving as the R&E trusted partner within the formal ISAC community.

3 Benefits of Membership Participate, share information in the private trust community Receive actionable protection and response information, e.g. Daily Watch Report, Alerts, Advisories, and other Establish relationships with known and trusted peers Benefit from information sharing relationships constructed in the broad security community Benefit from vendor relationships (e.g. Microsoft SCP) Participate in technical security webinars Participate in REN-ISAC meetings, workshops, & training Have access to the 24x7 REN-ISAC Watch Desk Have access to active threat and other sensitive data feeds, e.g. for local IP and DNS block lists, sensor signatures, etc.

4 Membership Membership is open to: – institutions of higher education, – teaching hospitals, – research and education network providers, and – government-funded research organizations; – international, although focused on U.S. Currently, membership guidelines are roughly: – must have organization-wide responsibilities for cyber security protection and response, – must be permanent staff, and – must be vouched-for (personal trust) by 2 existing members – http://www.ren-isac.net/membership.html

5 Membership People Orgs

6 REN-ISAC is a Cooperative Effort Member participation is a cornerstone of REN-ISAC Advisory Groups – Executive Advisory Group: IU, LSU, Oakland U, Reed College, U Mass, UMBC, U Montana, Internet2, and EDUCAUSE – Technical Advisory Group: Cornell, IU, Neustar, MOREnet, Team Cymru, UC Berkeley, U Mass, U Minn, U Oregon, and WPI Analysis Teams – Microsoft Analysis Team: Colorado, IU, NYU, UIUC, U Washington Service development teams – Numerous Dedicated resource contributors: IU, LSU, Internet2 Other major, e.g. systems, tools, coordination, etc: – LSU, Buffalo, Brandeis, WPI, and MOREnet

7 Information Sharing REN-ISAC is a private trust community for sharing sensitive information. The private and trusted character – provides a safe zone for the sharing of organizational incident experience, – protects information about our methods and sources, and – protects information which if publicly disclosed would abet our adversaries.

8 Information Products Daily Watch Report provides situational awareness. Alerts provide critical and timely information concerning new or increasing threat. Notifications identify specific sources and targets of active threat or incident involving R&E. Sent directly to contacts at involved sites. Feeds provide specific identifying information regarding known active sources of threat; useful for IP and DNS block lists, sensor signatures, etc. Advisories inform regarding specific practices or approaches that can improve security posture. TechBurst webcasts provide instruction on technical topics relevant to security protection and response. Monitoring views provide summary views from sensor systems, useful for situational awareness.

9 Notifications Sent

10 Information Products: Notifications: REN-ISAC EDU Storm Worm Daily Notifications Beginning Feb 21 REN-ISAC source of ongoing intelligence regarding compromised systems operating in the Storm Worm botnet. REN-ISAC sent daily notifications identifying the compromised machines to security contacts at the machine-owning organizations. 10

11 11 Notifications quickly and dramatically blunted the severity of Storm infections in EDU Information Products: Notifications: REN-ISAC EDU Storm Worm Daily Notifications

12 Throughout July and August, utilizing the Internet2 Arbor Networks Peakflow system, REN-ISAC detected and responded to ~dozen Storm Worm DDoS attacks transiting the Internet2 network. On Sept 9 R-I issued an Alert to the R&E community, “Storm Worm DDoS Threat to the EDU Sector” 12 Information Products: Notifications: REN-ISAC EDU Storm Worm Daily Notifications

13 The Microsoft MSRT (Malicious Software Removal Tool) is updated for Storm on 9/11 13 Information Products: Notifications: REN-ISAC EDU Storm Worm Daily Notifications

14 Priorities for the Coming Year Not in priority order: Membership growth Implement the two-tiered membership model Implement the sustainability & growth business plan Facilitate various forms of member involvement and contribution Development of additional information sharing relationships, and care and feeding of existing relationships Assessment of current services and member needs Scanning Services project Cyber Security Registry Various tool and service projects

15 How to Join http://www.ren-isac.net/membership.html Paraphrased: – must have organization-wide responsibilities for cyber security protection and response, – at an institution of higher education, teaching hospital, research and education network provider, or government-funded research organization, – must be permanent staff, and – must be vouched-for (personal trust) by 2 existing members.

16 Contacts http://www.ren-isac.net 24x7 Watch Desk: soc@ren-isac.net +1(317)278-6630 Doug Pearson, Technical Director dodpears@ren-isac.net Mark Bruhn, Executive Director mbruhn@iu.edu Gabriel Iovino, Principal Security Engineer giovino@ren-isac.net

Download ppt "NSF Cybersecuity Summit May 2008. REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher."

Similar presentations

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10, 2008 1.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center AMSAC Update July 10,
Jason Ming Sun ICT Academic Systems University of South Africa Government CIO Summit Towards reducing costs of doing business in government.

Jason Ming Sun ICT Academic Systems University of South Africa Government CIO Summit Towards reducing costs of doing business in government.
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Doug Pearson Director, REN-ISAC

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Doug Pearson Director, REN-ISAC
International Workshop on Institutional Capacity Development in Transboundary Basins 10 - 12 November 2008, Bonn, Germany Le Duc Trung Acting Secretary.

International Workshop on Institutional Capacity Development in Transboundary Basins November 2008, Bonn, Germany Le Duc Trung Acting Secretary.
EETAP UPDATE Presented By Dr. Augusto Medina University of Wisconsin-Stevens Point Welcome.

EETAP UPDATE Presented By Dr. Augusto Medina University of Wisconsin-Stevens Point Welcome.
© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.

© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.
S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.
Abilene Transit Security Policy Joint Techs Summer ’05 Vancouver, BC, CA Steve Cotter Director, Network Services Steve Cotter Director,

Abilene Transit Security Policy Joint Techs Summer ’05 Vancouver, BC, CA Steve Cotter Director, Network Services Steve Cotter Director,
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.
REN-ISAC Update Doug Pearson, REN-ISAC Technical Director DICE 12 February 2008 Athens, Greece 1.

REN-ISAC Update Doug Pearson, REN-ISAC Technical Director DICE 12 February 2008 Athens, Greece 1.
1 REN-ISAC Research and Education Networking Information Sharing and Analysis Center Internet2 Member’s Meeting Chicago 5 December 2006.

1 REN-ISAC Research and Education Networking Information Sharing and Analysis Center Internet2 Member’s Meeting Chicago 5 December 2006.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
National Institute of Standards and Technology Computer Security Division Information Technology Laboratory Threat Information Sharing; Perspectives, Strategies,

National Institute of Standards and Technology Computer Security Division Information Technology Laboratory Threat Information Sharing; Perspectives, Strategies,
REN-ISAC Research and Education Networking Information Sharing and Analysis Center.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
Www.umbc.edu EDUCAUSE/Internet2 Computer and Network Security Task Force Update www.educause.edu/security Jack Suess February 3, 2004.

EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess February 3, 2004.
Higher Education-Industry Collaborations to Improve Security Joy Hughes, George Mason University Peter Siegel, University of California, Davis Jack Suess,

Higher Education-Industry Collaborations to Improve Security Joy Hughes, George Mason University Peter Siegel, University of California, Davis Jack Suess,

Similar presentations

Ads by Google