Presentation on theme: "Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE."— Presentation transcript:
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE
Higher Ed & Cybersecurity Through its core mission of teaching and learning, it is the main source of our future leaders, innovators, and technical workforce. Through research, it is the basic source of much of our new knowledge and subsequent technologies. As complex institutions, colleges and universities operate some of the world’s largest collections of computers and high-speed networks.
Aim of Cybersecurity Confidentiality - Computers, systems, and networks that contain information require protection from unauthorized use or disclosure. Integrity - Computers, systems, and networks that contain information must be protected from unauthorized, unanticipated, or unintentional modification. Availability - Computers, systems and networks must be available on a timely basis to meet mission requirements or to avoid substantial losses.
Strategic Goals of the Security Task Force The Security Task Force received a grant from National Science Foundation to identify and implement a coordinated strategy for computer and network security for higher education. The following strategic goals have been identified: Education and Awareness Standards, Policies, and Procedures Security Architecture and Tools Organization and Information Sharing
Awareness and Training Goal To increase the awareness of the associated risks of computer and network use and the corresponding responsibilities of higher education executives and end-users of technology (faculty, staff, and students), and to further the professional development of information technology staff. Programs Outreach to Higher Ed Associations and Beyond Annual Security Professionals Conference Education & Awareness Working Group Initiatives Leadership Book on Computer & Network Security for Higher Ed National Cyber Security Awareness Month Cybersecurity Awareness Resource CD Executive Awareness, Student Awareness, & Training of IT Staff
Standards, Policies, & Procedures Goal To develop information technology standards, policies, and procedures that are appropriate, enforceable, and effective within the higher education community. Program EDUCAUSE D.C. Office - Public Policy and Government Relations Institute for Computer Policy and Law Policies and Legal Issues Working Group Risk Assessment Working Group Initiatives Principles to Guide Efforts to Improve Computer and Network Security in Higher Education “IT Security for Higher Education: A Legal Perspective” Collection of Security Policies & Procedures Information Security Governance Assessment Tool CISWG Report: “Best Practices & Metrics for Information Security”
Security Architecture and Tools Goal To design, develop, and deploy infrastructures, systems, and services that incorporate security as a priority; and to employ technology to monitor resources and minimize adverse consequences of security incidents. Programs Effective Practices & Solutions Working Group Internet2 Security Initiatives – SALSA: Security at Line Speed PKI, Middleware, and Identity Management Initiatives Initiatives Effective IT Security Practices Guide Whitepaper on Automating Network Policy Enforcement Information Security Governance Assessment Tool Center for Internet Security Benchmarks
Organization & Info Sharing Goal To create the capacity for a college or university to effectively deploy a comprehensive security architecture (people, process, and technology), and to leverage the collective wisdom and expertise of the higher education community. Programs Security Discussion Group Annual Security Professionals Conference Research & Education Networking ISAC (REN-ISAC) Cyber Security Forum for Higher Education National Cyber Security Partnership Partnership for Critical Infrastructure Security Initiatives Supporting State/Regional Security Efforts Incident Response/Handling
For more information EDUCAUSE/Internet2 Security Task Force www.educause.edu/security Rodney Petersen firstname.lastname@example.org 202.331.5368