1 Effective Incident Response Presented by Greg Hedrick, Manager of Security Services Copyright Purdue University 2007. This work is the intellectual property.

Slides:

Advertisements

Similar presentations

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

Advertisements

Crisis Communications for Security Issues: A Nightmare You Can Manage Marilu Goodyear Donna Liss Allison Rose Lopez Jenny Mehmedovic The University of.

Copyright Sylvia Maxwell and Michael White, This work is the intellectual property of the author. Permission is granted for this material to be shared.

Making the Case for Security: An Application of the NIST Security Assessment Framework to GW January 17, 2003 David Swartz Chief Information Officer Guy.

A Model for IT Policy Development Marilu Goodyear & Beth Forrest Warner University of Kansas Educause 2001October 29, 2001.

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, This work is the intellectual property of the author.

Pam Downs Ajay Gupta The Pennsylvania Prince George’s State University Community College "Copyright Penn State University This work is the intellectual.

1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.

Developing Professional Leaders Georgia Institute of Technology Linda A. Cabot, Director, OIT/ITS EDUCAUSE Midwest Regional 2006 Copyright Linda A. Cabot,

Tales from the Trenches Copyright Long, Mitrano, McGovern, and Orr, This work is the intellectual property of the authors. Permission is granted.

1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Center for Instructional Technology James Madison University Strategies for Transitioning to the Age of Digital Media Sarah E. Cheverton James Madison.

Intellectual Property Protocol and Assessment for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the.

1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,

The Team Approach: A Paradigm Shift for Designing Successful Online Courses NERCOMP 2005 College for Lifelong Learning, Manchester, NH.

Classroom Technologies Re-organization Copyright Kathy Bohnstedt, This work is the intellectual property of the author. Permission is granted for.

Best Practices For Using Technology To Deliver Instructional Support Services Dr. Steven G. Sachs Northern Virginia Community College Copyright Steven.

Herding CATS: the Community of Academic Technology Staff Lou Zweier, Director CSU Center for Distributed Learning The California State University NLII,

Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.

Please Note: Copyright –David L. Snellman This work is the intellectual property of the author. Permission is granted for this material to be shared.

What comes after reliability? Dave King Executive Director Indiana Higher Education Telecommunication System StateNets04 February 2004 Tempe.

Ten Thing IT Staff Need to Know About Education Records Privacy Ten Things IT Staff Need to Know About Education Records Privacy Jeff von Munkwitz-Smith.

Moving Your Paperwork Online University of California, Irvine presents PayQuest Copyright UC,Irvine This work is the.

Copyright Michael White and Sandra Thompson, This work is the intellectual property of the author. Permission is granted for this material to be.

Using Wireless Technology at a Small Urban Institution Bank Street College Copyright Christina D'Aiello and Arlen E. Rauschkolb, This work is the.

Managing Intellectual Property for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the University System.

Issues Associated with ePortfolios in Small Colleges EDUCAUSE Mid-Atlantic Regional Conference 2006 Ed Barboni, Senior Advisor, Council of Independent.

Higher Education and the New International Imperative David Ward President American Council on Education Global Challenges and Higher Education Duke University.

Center for Planning and Information Technology T HE C ATHOLIC U NIVERSITY of A MERICA ERP Systems: Ongoing Support Challenges and Opportunities Copyright.

Discussion Panelists: Justin C. Klein Keane Sr. Information Security Specialist University of Pennsylvania Jonathan Hanny Application Security Specialist.

NERCOMP 2002 Ten Things IT Staff Need to Know About Education Records Privacy Jeff von Munkwitz-Smith University Registrar University of Connecticut.

Taking Cyber Security Awareness to the Street Community Aware.

Grids USC Case Study Copyright Shelley Henderson This work is the intellectual property of the author. Permission is granted for this material to.

Developing Professional Leaders Georgia Institute of Technology Linda A. Cabot, Director, ITS John Mullin, CIO, OIT Copyright Linda A. Cabot, This.

Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.

George Mason University Assessing Technology Support: Using Portfolios to Set Goals and Measure Progress Anne Agee, Star Muir, Walt Sevon Information Technology.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 NMI R3 Enterprise Directory Components.

NLII05 Annual Meeting Professional Development of Faculty and Instructional Technology Staff through Communities of Practice University of Memphis: Technology.

Copyright David A. Cox This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Effective Distribution of Academically Licensed Software ©2008 Brent West. This work is the intellectual property of the author. Permission is granted.

(C) , CyberLearning Labs, Inc. Introduction to ANGEL EDUCAUSE Midwest Regional Conference March 26, 2003 Christopher Clapp

Learning & Teaching = Activities Copyright Steve Ehrmann & Nikki Reynolds, This work is the intellectual property of the author. Permission is granted.

Integration is Critical for Success Curriculum Course Delivery Ongoing Support Instructor & Learner.

Portals and Web Standards Lessons Learned and Applied David Cook Copyright The University of Texas at Austin This work is the.

A Cat-Herding Tale Forging a Single Course Management System for a Decentralized Institution Copyright Abdul Shibli, 2004.This work is the intellectual.

IT Security Challenges In Higher Education Steve Schuster Cornell University Copyright Steve Schuster This work is the intellectual property of.

1 Top 10 Challenges of the Academic Technology Community John P. Campbell & Dennis A. Trinkle EDUCAUSE Live! Monday, May 21, :00-2:00 PM Copyright.

Copyright © 2011 Rachel Fourny. This work is the intellectual property of Rachel Fourny. Permission is granted for this material to be shared for non-commercial,

Quickly Establishing A Workable IT Security Program EDUCAUSE Mid-Atlantic Regional Conference January 10-12, 2006 Copyright Robert E. Neale This.

Bringing it All Together: Charting Your Roadmap CAMP: Charting Your Authentication Roadmap February 8, 2007 Paul Caskey Copyright Paul Caskey This.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

The Duluth Area CIO’s Consortium Collaborating with Regional IT Organizations Copyright Linda Deneen and Lynne Hamre, This work is the intellectual.

Copyright James Kulich This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

© 2009 Pittsburgh Supercomputing Center Server Virtualization and Security Kevin Sullivan Copyright Kevin Sullivan, Pittsburgh Supercomputing.

Chief Information Officer Effectiveness in Higher Education Wayne Brown, Ph.D. Copyright Wayne Brown This work is the intellectual property of the.

Copyright Michael White and Sylvia Maxwell, This work is the intellectual property of the author. Permission is granted for this material to be shared.

© Scottsdale Community College Leveraging the Power of E-Learning Taking your course to a higher level Presented by Sidne Tate Director, Instructional.

Top 10 Challenges of the Academic Technology Community Veronica Diaz, John Campbell, Dennis Trinkle Wednesday, October 24, :50 p.m. - 4:40 p.m.

Systemic Progress in Teaching and Learning Common Elements that Support Campus-Wide Innovation Copyright Andrea Nixon, A. Michael Berman, Christine Haile,

October 2006 Funded by JISC and ESRC to serve the UK academic and research communities. Voyage of the U.K. JISC Federation: Shibbolizing the U.K.'s Research,

Copyright Christine E. Haile & Justin D. Sipher This work is the intellectual property of the authors. Permission is granted for this material.

Breaking Down Barriers & Building Bridges Improves Customer Satisfaction & Efficiency Wendy Woodward | March 15, 2011 Copyright Wendy Woodward 2011.

Julian Hooker Assistant Managing Director Educause Southwest

Blaine A. Brownell, President,

Project for OnLine Instructional Support (POLIS)

myIS.neu.edu – presentation screen shots accompany:

An App A Day Copyright Tina Oestreich and Brian Yuhnke This work is the intellectual property of the author. Permission is granted for this material.

EDUCAUSE Networking 2002 Washington, D.C. April 17, 2002

Presentation transcript:

1 Effective Incident Response Presented by Greg Hedrick, Manager of Security Services Copyright Purdue University This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

2 Effective Incident Response  Why start a formal program?  Definition of an IT Incident  The Process  Infrastructure Requirements  Communications Channels  Notable Items

3 Why start a formal program?  Manage Communications  Proactive Opportunities  Awareness Opportunities  Regulatory Compliance  Standardize Procedures  Identify System Owners

4 Definition of an IT Incident  Purdue Policy Definition Any event involving University IT Resources which violates Indiana state or U.S. federal law, or violates regulatory requirements which Purdue is obligated to honor, or violates Purdue University policies, or is determined to be harmful to the security and privacy of University data, or IT Resources associated with, students, faculty, staff, and/or the general public, or is construed as harassment, or involves the unexpected disruption of University services.

5 The Process

6 The Process Data Exposure Example

7 Infrastructure Requirements  People  Tools  Policy  Documented Procedures

8 Communication Channels  Secure Wiki  Policy  Presentations / Training  Trusted Community  Procedures  Mailing Lists  Monthly Reports

9 Notable Items  Clearly define “investigable” events  Dedicate staff to the process  Define “incident” carefully  Clearly define roles and responsibilities  Establish policy, procedures, training and infrastructure in parallel  Be prepared immediately for management reporting

10 Questions? Greg Hedrick