Information Security Office ISO Update

1
Information Security Office (ISO)Update

• Mark Johnson, Chief Information Security Officer

2
Vanderbilt Information Security Road Map

• We are moving toward process driven information
  security. The Road Map drives this by
• Established SLAs and SLOs between the
  operational IT organizations and our office.
• Established Information Security Incident
  Response procedures.
• Redefining the authentication requirements and
  infrastructure.
• Conducting current state assessments of business
  areas.
• Providing awareness material and presentations.
• Developing and implementing policy development
  process (VUMC).
• What does the current environment look like?

3
Current Environment

• The Federal Trade Commission estimates that 9
  to10 million people are victims of Identify
  Theft. According to their statistics, only 25
  were used to obtain credit cards.
• 35 States, including Tennessee, have passed laws
  requiring notification when information about an
  individual has been breached. 9 more states have
  introduced similar legislations this year.
  Federal legislation may soon come.
• Industry groups, like the Payment Card Industry
  (PCI) are making information security
  requirements a prerequisite to do business with
  them.
• Application security is becoming an increased
  point of emphasis for both the attackers and the
  defenders.
• Other concerns such as business continuity,
  appropriate authentication requirements and
  providing unified communications, are all driving
  a greater emphasis on information security both
  here at Vanderbilt and in Higher Education in
  general.

4
Current Environment - Continued

• The current threat environment is characterized
  by an increase in data theft and data leakage,
  and the creation of malicious code that targets
  specific organizations for information that can
  be used for financial gainhigh levels of
  malicious activity across the Internet, with
  increases in phishing, spam, bot networks,
  Trojans, and zero-day threats. However, whereas
  in the past these threats were often used
  separately, attackers are now refining their
  methods and consolidating their assets to create
  global networks that support coordinated criminal
  activity. Symantec Internet Security Threat
  Report, March 2007

5
Improvements

• Over the past two years, we have seen a marked
  improvement in our security posture
• Anti-spam (Webroot) tool has been fielded. Just
  like the anti-virus (McAfee) it is available to
  everyone at Vanderbilt.
• Implemented improved security tools at our
  perimeter.
• The perimeter is being monitored 24 x 7 by a
  professional third party Managed System Security
  Provider (MSSP).
• Information Security Incident Response procedures
  have been implemented across Vanderbilt.
• Increase awareness of information security issues
  and concerns across Vanderbilt.
• Completed the first of many to come Information
  Security Current State Assessments.

6
Security Videos

• Reference http//www.educause.edu/SecurityVideoCon
  test

7
Bottom Line

• Vanderbilt has arrived at that key evolutionary
  plane where the reliability, availability and
  safety of the information technology
  infrastructure need to be maintained in order for
  its mission to be fulfilled.
• We are continuing to improve our security through
  awareness, process, and technology. We need to
  continue this trend and do even more.
• Our current pace of improvements in our security
  practices and infrastructure helps us maintain
  the status quo with the changing threats that we
  and the rest of the world face.