Campus Approaches to Improving Cyber Security Awareness Presented by: Krizi Trivisani, Chief...
-
Upload
maria-williams -
Category
Documents
-
view
219 -
download
2
Transcript of Campus Approaches to Improving Cyber Security Awareness Presented by: Krizi Trivisani, Chief...
Campus Approaches to Improving Cyber Security
Awareness
Presented by:
Krizi Trivisani, Chief Security Officer
The George Washington University
EDUCAUSE Live! October 6, 2004
2
Agenda
What is security awareness?
Why is awareness important?
Awareness and Higher Education EDUCAUSE Security Education &
Awareness Working Group Higher Education Events in October Cyber Security Resources CD GW’s Cyber Security Awareness
Day
Questions
3
What is Security Awareness?
Security awareness is knowledge of potential threats. It is the advantage of knowing what types of security issues and incidents members of your organization may face in the day-to-day routine of their University functions.
Technology alone cannot provide adequate information security. People, awareness and personal responsibility are critical to the success of any information security program.
4
Why is Security Awareness Important?
Security is only as strong as it’s weakest link. Security relies on people. Technology is important, but if people are unaware of security issues, even the best technology will not ensure that information is protected.
If people are ill-prepared, information is threatened by: Social engineering Abuse of privileges and trust Misuse of systems and network Password guessing Physical access to bypass controls Theft of laptops, storage media, and other technologies Accidental disclosure Financial Fraud
5
Awareness and Higher Education
6
Security Task Force Education & Awareness Working Group
Mission/Purpose:The Education and Awareness Working Group will identify and take steps to implement and/or publicize various methods by which awareness of information technology security issues are raised amongst university and college computer and network users, administrators, and executives.
http://www.educause.edu/security
7
Security Task Force Education & Awareness Working Group
Team Goals/ Expected Outcomes (Deliverables and Metrics):
The team will:1) Identify current projects and current materials and
methods (primarily developed within the higher education and non-profit communities, but also vended products) where they have been proven to be (or may be) particularly useful to universities and colleges.
2) Use existing methods available via EDUCAUSE and Internet2 to publicize identified offerings.
3) Where gaps may exist in available offerings, commission development of programs or materials as needed.
8
Higher Education Events in October
Meeting IT Challenges: National Strategies and Local Solutions
Virginia Alliance for Secure Computing and Networking (VASCAN) and The Association of Collegiate Computing Services (ACCS)
Charlottesville, VAOctober 11-12, 2004http://www.virginia.edu/housing/conferences/Website2003/3univevents/vascan_accs/index.htm
Symposium on Cybersecurity PolicyNational Press Club in Washington, DCOctober 12-13, 2004www.cylab.cmu.edu/default.aspx?id=277
9
Higher Education Events in October
Guide to Implementing an Effective Security Education & Awareness Program
EDUCAUSE 2004 Pre-Conference SeminarDenver, ColoradoOctober 19, 1-4:30 p.m.www.educause.edu/asp/conf/function.asp?PRODUCT_CODE=E04/
SEM11P&ME
NSCA’s National Cyber Security Awareness Month Focus on Education
Week ThreeOctober 18 – 22, 2004www.staysafeonline.info
10
Cybersecurity Awareness Resources CD
The Education & Awareness Working Group of the EDUCAUSE/Internet2 Security Task Force compiled cyber security awareness resources that will be distributed on a CD.
The resources were collected to showcase the variety of security awareness efforts underway at institutions of higher education and to provide resources for colleges and universities that are looking to jump-start a program for their organization.
11
What’s on the CD?
PamphletsPost CardsPresentationsSecurity Awareness DocumentsSecurity CardsSecurity ToolsSecurity QuizzesSurveysVideos
Book MarksBrochuresChecklists FlyersGamesGovernment ResourcesHandoutsIndustry ResourcesLinks to School’s Security Web Page(s)
12
GW’s Cyber Security Awareness Day
November 1, 2004
Targeted to GW Community but open to the public
Two main events:
Cyber Security Awareness Forum
Cyber Security Awareness Fair
FREE – thanks to help from sponsors!
13
Cyber Security Awareness Forum
Four speaker sessions“Cybersleuths: High Technology Crime Investigators”Panel Topic – “How Direct Recording Electronic (DRE) voting machines can do tomorrow what a paper ballot count could not do in the 2000 election.”“Information Security: From Brains to Bits”"Exploitation and Countermeasure in Open-access High-speed Networks"
14
Cyber Security Awareness Fair
Tables with GamesPC Security - Personal Firewalls and Patching Virus Clinic Strong AuthenticationCreating Good Passwords Identity TheftIncident Response GWirelessPeer to Peer Information Security Handouts
Other AttractionsMobile Information Warfare Lab Security Videos Area Door PrizesPopcorn StandCotton Candy StandCaricaturistFortune TellerCyber Guy and Cyber Gal to engage the community