Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild...
-
Upload
norman-lyons -
Category
Documents
-
view
213 -
download
0
Transcript of Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild...
![Page 1: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/1.jpg)
Results from the CIFAC Project and What They Mean to You
Virginia E. Rezmierski
Daniel M. Rothschild
April 4, 2005
Washington, DC
![Page 2: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/2.jpg)
Advisory Board
Mark S. Bruhn, B.S., CISSPIndiana University
Shawn A. Butler, Ph.D.Carnegie Mellon University
Robert Clark, Jr., B.A., CIA, CBMGeorgia Tech
Tracy Mitrano, Ph.D., J.D.Cornell University
Rodney Petersen, J.D., Ph.D.EDUCAUSE
E. Eugene Schultz, Ph.D.Lawrence Berkeley Nat’l Laboratory
Barbara Simons, Ph.D.Association for Computing Machinery
Eugene H. Spafford, Ph.D.Purdue University CERIAS
John J. Suess, M.S.University of Maryland – Baltimore County
D. Frank Vinik, J.D.United Educators
![Page 3: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/3.jpg)
Participating Colleges and UniversitiesPublic Private
Large(≥10,000)
San Jose State UniversityUC Berkeley
University of Illinois - ChicagoSUNY Binghamton
University of Massachusetts - AmherstUMD College Park
Georgia TechGeorgia State
University of Texas at San AntonioUniversity of Texas at Austin
Michigan State University
Stanford UniversityUniversity of Chicago
Northwestern UniversityCornell University
Syracuse UniversityBoston University
MITGeorgetown University
Emory University
Small &Medium(<10,000)
California State University - Monterrey BayUniversity of Massachusetts - Boston
University of Maryland - Baltimore CountyUniversity of Michigan - Flint
University of Michigan - DearbornSaginaw Valley State University
Santa Clara UniversityLoyola University of Chicago
Lake Forest CollegeLeMoyne College
Hampshire CollegeAmerican University
Southwestern UniversityFindlay UniversityCleary University
Concordia University (MI)
![Page 4: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/4.jpg)
![Page 5: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/5.jpg)
Incident definitionAn incident is an event that utilizes or exploits information technology resources or security flaws therein, either byaccident or by design and through malice or otherwise, that causes, directly or indirectly, one or more of thefollowing occurrences:
Compromise of proprietary, confidential, or protected data, System disruption which impedes user(s)’ access to data or
other IT resources, Violates IT use policies set out and made known by the
administrator(s) of the IT systems in question, Violates norms commonly accepted within the community of
system user(s) for use of IT resources, Attempting or conspiring engage or represent oneself or
another to be engaged in any aforementioned behavior.
![Page 6: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/6.jpg)
Incident Descriptives
Large Public36%
Large Private27%
Small Public21%
Small Private16%
![Page 7: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/7.jpg)
Incident Focus
People29%
Data26%
Systems45%
![Page 8: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/8.jpg)
Incident SeriousnessNot at all (1)
2%
Somew hat (2)26%
Quite (3)31%
Extremely (4)41%
![Page 9: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/9.jpg)
Incident Prevention Access control tools Personnel Training and education Existence of policy
![Page 10: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/10.jpg)
Incident Cause and Response Training and education Requirements for use of institutional
resources Accidental or careless behavior Malicious or abusive behavior
![Page 11: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/11.jpg)
Stimuli to ActionProbability of damage to institutional reputationCost to the department, college, or university
Time involved for resolutionNumber of machines affected
Type of machines affectedType and sensitivity of data involved
Probability of further access or damageNumber of people affected
Level, status, or rank of people affectedProbability of damage or danger to persons
![Page 12: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/12.jpg)
Stimuli to ActionProbability of damage to institutional reputationCost to the department, college, or university
Time involved for resolutionNumber of machines affected
Type of machines affectedType and sensitivity of data involved
Probability of further access or damage
![Page 13: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/13.jpg)
Best Practices: Prevention Technical best practices
Strong passwords Configuration Patch/debug Firewall/IDS/IPS/(v)ACL Access control
Foundational best practices Education, training, and awareness Policy, procedure, and enforcement
![Page 14: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/14.jpg)
Best Practices: Mitigation Technical best practices
Access control/blocking Auditing
Foundational best practices Decisive, timely action Interdepartmental cooperation and communication Procedures Straightforward communication w. affected parties Education, training, and awareness
![Page 15: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/15.jpg)
Best Practices: Manage Technical best practices Foundational best practices
Interdepartmental IRT Communication between incident handlers Straightforward communication w. affected parties Quick resolution
![Page 16: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/16.jpg)
Thoughts to take away
1. There are a lot of incidents happening
2. Students are a major factor
3. People want to share information
4. Having policies and procedures is vital
5. Education of users and staff is important
6. Quarantining is on the rise
![Page 17: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/17.jpg)
Thoughts to take away
7. Automated enforcement tools are on the rise
8. Perceptions of seriousness are role-dependent
9. Interdepartmental IRTs are increasing
10. Risk managers and auditors are missing
11. Campuses are maturing in technology, policy, and procedures
![Page 18: Results from the CIFAC Project and What They Mean to You Virginia E. Rezmierski Daniel M. Rothschild April 4, 2005 Washington, DC.](https://reader035.fdocuments.us/reader035/viewer/2022081821/56649d935503460f94a7afcd/html5/thumbnails/18.jpg)
The CIFAC ProjectGerald R. Ford School of Public Policy
The University of Michigan712 Oakland Avenue
Ann Arbor, MI 48104-3021
734.615.9595 p734.998.6688 f
1Apr05 17:10