www.umbc.edu educause live educause/internet2 computer and network security task force update jack...
TRANSCRIPT
![Page 1: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/1.jpg)
www.umbc.edu
EDUCAUSE LIVEEDUCAUSE LIVE
EDUCAUSE/Internet2 Computer EDUCAUSE/Internet2 Computer and Network Security Task Force and Network Security Task Force
UpdateUpdate
www.educause.edu/securitywww.educause.edu/security
Jack SuessJack SuessJanuary 21, 2004January 21, 2004
![Page 2: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/2.jpg)
Security Task ForceSecurity Task Force
www.educause.edu/security/task-force.asp
The web site provides information on the task force members, activities, initiatives, and links to a number of security resources.
Today I will briefly discuss a few of the initiatives underway that we hope are responding to the needs of higher education.
![Page 3: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/3.jpg)
REN-ISAC at Indiana REN-ISAC at Indiana UniversityUniversity
• Indiana’s Global NOC has a unique view of network connections among universities on Internet2 (e.g. Slammer or Nachi traffic)
• The REN-ISAC has 7x24 network and security expertise on site.
• They have access to DHS and the other 12 industry ISAC’s for early warning information
• The REN-ISAC is working on ways to summarize and disseminate findings
• Visit www.ren-isac.net
![Page 4: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/4.jpg)
Vendor EngagementVendor Engagement
• Vendor practices have a significant impact on higher education security
• EDUCAUSE established the Cyber Security Forum to develop linkages with the vendor community. Members include - Microsoft, IBM, Dell, HP, Datatel, PeopleSoft, Oracle, Cisco, Apple, Sun, and SCT
• Members of the task force visited Microsoft in September to explain the needs of higher education. Microsoft has been very responsive to suggestions.
![Page 5: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/5.jpg)
Legal Issues and Legal Issues and Institutional PoliciesInstitutional Policies
• Commissioned a white paper on higher education legal issues related to IT Security
• We are working closely with other higher education groups to make security a priority throughout higher education
• This fall we released the EDUCAUSE book - Computer and Network Security in Higher Education
• NSF Workshop resulted in Principles to Guide Efforts to Improve Computer and Network Security in Higher Education
• We continue to make connections with the federal government agencies -- NIST, DHS, and NSA regarding security– Task force is actively participating in
National Cyber Security Forum task forces
![Page 6: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/6.jpg)
Risk Assessment and ToolsRisk Assessment and Tools
• Risk assessment is a critical component in developing a campus IT Security Plan
• We have worked with the CMU Software Engineering Institute (SEI) to learn the SEI OCTAVE risk assessment process and are working to streamline this for Higher Education
• We continue to build partnerships with the auditing community. Rob Clark, Director of Internal Audit for Ga. Tech. Has joined the task force and will be leading an initiative on risk management in higher ed
![Page 7: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/7.jpg)
Research and Development Research and Development InitiativesInitiatives
Members of the task force are participating in two R&D activities:
• Ken Klingenstein of U. of Colorado and Internet2 is leading a group named Security @ Line Speed (S@LS). The purpose: How does higher education balance security and performance in advanced networks
• Computer Incident and Factor Analysis Categorization (CIFAC) project led by Dr. Virginia Rezmierski of U. of Michigan is looking at incident classification.
![Page 8: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/8.jpg)
Education and Awareness Education and Awareness InitiativeInitiative
• Security and awareness is consistently listed as a critical need. Less 40% of institutions have active awareness programs
• Mark Bruhn of Indiana and Kelley Bogart of U. of Arizona are co-chairing our security awareness working group.
• Last week we held a 1.5 day workshop to identify how to make quick progress and what to focus on for long-term needs
• This working group is working closely with the National Cyber Security Summit sub-committee on Awareness
• Finally, May 16-18 we will hold the 2nd Annual Security Professionals Workshop in Washington, D.C.
![Page 9: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/9.jpg)
Effective Practices InitiativeEffective Practices Initiative
• The goal of the initiative is to identify and publicize practical approaches to preventing, detecting, and responding to security problems
• University security officers and supporting staff solicit, develop, and review the submitted practices.
• Effective instead of best because higher education is too diverse for a one-size fits all approach that best implies. We hope to have multiple entries per topic from different institution types
![Page 11: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/11.jpg)
Effective Security Practices Effective Security Practices Guide Focus AreasGuide Focus Areas
Online at the www.educause.edu/security/guide
Contents include• Education, Training and Awareness• Risk Analysis and Management• Security Architecture Design• Network and Host Vulnerability Assessment• Network and Host Security Implementation• Intrusion and Virus Detection• Incident Response• Encryption, Authentication & AuthorizationPresently we have 25 practices available
![Page 12: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/12.jpg)
www.umbc.edu
Evolution of Security Practices
![Page 13: Www.umbc.edu EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004](https://reader036.vdocuments.site/reader036/viewer/2022083005/56649f125503460f94c251d9/html5/thumbnails/13.jpg)
Resources and EventsResources and Events
Resources• www.educause.edu/security• security.internet2.edu• www.ren-isac.net
Events
2nd Security Professionals WorkshopMay 16-18, 2004 in Washington, D.C.