Educause Security Discussion mailing list archives
Re: future of cybersecurity in Higher Ed
From: Brad Judy <Brad.Judy () COLORADO EDU>
Date: Mon, 2 Oct 2006 08:46:08 -0600
I think there are a set of strategic security items that any given institution is at a different point in dealing with. Most of these tend to be cyclical in nature and will be revisited every few years as business needs and/or technology change. Some of the major strategic topics: Policy and procedure statements Authentication services (centralized auth, web auth) Network security (net authN, firewalls, packet shaping) Data/PII security (data inventory, encryption, etc) Host security (patching, training, etc) Malware (viruses, spyware, phishing) Risk assessment/management Web application security/content management Regulation compliance (FERPA, HIPPA, GLB, etc) As for IT security trends within the higher ed industry, I expect that many of us have recently gone through, or are going through, a cycle of data/PII security focus due to the data breaches of the past couple of years and the buzz on identity theft in the press. As for future items, look for the topic of authentication services to resurface for a lot of us as things like CardSpace get out to the end-user and we'll have to take a look at how our authentication services fit into a user-centric model. I couldn't say what's important to your campus - it depends on your business needs and what you've already addressed. One should avoid playing "follow the leader" with security (or strategic decisions in general) and evaluate the needs of your institution. Also, be careful not to think of more tactical security items as being strategic - it's a common trap of strategic planning that seems to be especially common in the IT security realm for some reason. Brad Judy IT Security Office Information Technology Services University of Colorado at Boulder _____ From: Bret R Blackman [mailto:bblackma () MAIL UNOMAHA EDU] Sent: Sunday, October 01, 2006 9:19 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] future of cybersecurity in Higher Ed All, What do you see as strategic issues and serious threats in regards to cybersecurity for Higher Education over the next 2 years? ------------------------------------------------------------------ Bret R. Blackman University of Nebraska at Omaha Director of Administrative Information Services Information Technology Services bblackma () mail unomaha edu
Current thread:
- future of cybersecurity in Higher Ed Bret R Blackman (Oct 01)
- <Possible follow-ups>
- Re: future of cybersecurity in Higher Ed John C. A. Bambenek (Oct 01)
- Re: future of cybersecurity in Higher Ed Michael McLaughlin (Oct 02)
- Re: future of cybersecurity in Higher Ed Steve Brukbacher (Oct 02)
- Re: future of cybersecurity in Higher Ed Valdis Kletnieks (Oct 02)
- Re: future of cybersecurity in Higher Ed Brad Judy (Oct 02)
- Re: future of cybersecurity in Higher Ed Joe St Sauver (Oct 02)
- Re: future of cybersecurity in Higher Ed Jere Retzer (Oct 02)