EDUCAUSE Computer and Network Security Task Force - PowerPoint PPT Presentation

Loading...

PPT – EDUCAUSE Computer and Network Security Task Force PowerPoint presentation | free to download - id: 8367a2-ZGI4M



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

EDUCAUSE Computer and Network Security Task Force

Description:

EDUCAUSE Computer and Network Security Task Force Rodney J. Petersen Director, Policy and Planning Office of Information Technology University of Maryland – PowerPoint PPT presentation

Number of Views:113
Avg rating:3.0/5.0
Slides: 36
Provided by: Rodn101
Learn more at: http://net.educause.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: EDUCAUSE Computer and Network Security Task Force


1
EDUCAUSE Computer and Network Security Task Force
  • Rodney J. Petersen
  • Director, Policy and Planning
  • Office of Information TechnologyUniversity of
    Maryland

2
Service Provider Security
  • According to Gartner, service providers must
    implement a solid set of security services to
    safeguard applications and data across the
    following areas
  • Network
  • Platform
  • Applications
  • Operations
  • End Services

3
Headlines
  • FBI Advises Windows XP Users On Measures to Block
    Hackers
  • AOL confirms security hold in AOL Instant
    Messenger (AIM)
  • GroupWise users grapple with security bug
  • Wireless security riddled with flaws
  • Washtech.com Web Site Hacked

4
U.S. unprepared for IT warfare
  • Top computer security experts told a
    congressional committee in October that the U.S.
    isnt producing the talent or the funding needed
    to confront the information warfare threats the
    country now faces.

5
Lieberman IT security fund
  • Senator Joseph Lieberman, chairman of the Senate
    Governmental Affairs Committee, has called for
    the creation of a 1 billion IT fund that would
    enhance homeland and information security while
    providing a much-needed boost to the sagging
    economy.

6
Billions needed for IT security
  • At least 10 billion in federal funding is
    needed to ensure adequate homeland cyberdefenses,
    according to the president of the Information
    Technology Association of America (ITAA), an
    industry group that represents more than 500 IT
    companies around the country.

7
IT Spending On Security
  • 53 percent of IT managers said they expect to
    devote a higher proportion of their total IT
    budgets to security compared with spending in
    2001
  • 59 percent of companies said they expect their
    2002 IT budgets to decline or stay the same as
    their 2001 budgets

8
Consumers Security Concerns
  • More than 70 percent of Americans are at least
    somewhat concerned about Internet and computer
    security in the wake of the Sept. 11 attacks
  • Roughly 74 percent of Americans are worried that
    the information they give out online could be
    stolen or misused
  • Keeping the Faith Government, Information
    Security and Homeland Cyber Defense - Survey of
    the Information Technology Association of America

9
Future of Law and Technology
  • What sorts of Internet privacy measures, those to
    enhance and those to diminish or prevent privacy
    and anonymity, will be acceptable in the wake of
    September 11 terrorist attacks, and what will fly
    under the radar using prevention of terrorism as
    an excuse? -Jessica Litman, Professor, Wayne
    State University Law School
  • Congress will pass legislation to encourage
    companies to share cyber-security data with the
    government, by exempting such data from
    disclosure under the Freedom of Information Act
    and by providing antitrust protection for
    companies that collaborate on cyber-security
    matters. -Ivan Fong, Senior Counsel, General
    Electric

10
Discussion Question
  • What types of information security challenges
    does your organization face?

11
Justice Dept. To Hire More Computer Crime
Attorneys
  • The U.S. Justice Department has begun soliciting
    hundreds of resumes from attorneys skilled in
    computer crime and intellectual property law in
    an effort to keep pace with a growing caseload of
    cybercrime prosecutions.

12
We can and must do better
  • If we dont do this, people simply wont be
    willing or able to take advantage of all the
    other great work we do. Trustworthy Computing is
    the highest priority for all the work we are
    doing. When we face a choice between adding
    features and resolving security issues, we need
    to choose security. Bill Gates, Microsoft
    Corporation

13
Cyberspace Security Czar
  • Richard Clark, Special Advisor to the President
    for Cyberspace Security
  • Expected to be included in efforts coordinated by
    the Office of Homeland Security
  • Chairman of a yet-to-be-appointed
    government-industry board on critical
    infrastructure systems

14
NIST New IT Security Effort
  • The Department of Commerces National Institute
    of Standards and Technology (NIST) awarded 5
    million total in funding in October for nine
    research grants that will enhance security for
    critical infrastructures such as electrical grids
    and air traffic control systems.

15
NIPC and IT Security
  • The interagency National Infrastructure
    Protection Center (NIPC) at FBI Headquarters
    serves as a national critical infrastructure
    entity for threat assessment, warning,
    vulnerability, and criminal and national security
    investigation, and response.
  • See http//www.nipc.gov

16
NIPC Infragard Initiative
  • Special agents are working with community-based
    computer security professionals to determine how
    to better protect critical information systems in
    the public and private sectors.
  • Computer Crimes Task Force
  • http//www.infragard.net

17
USA PATRIOT Act
  • Electronic Surveillance, primarily to prevent
    terrorist acts
  • Computer Trespassers
  • Electronic Crimes Task Force to be coordinated by
    the U.S. Secret Service
  • State Computer Crime Initiatives

18
Critical Infrastructure Assurance Office
  • Development of a National Strategy to Secure
    Cyberspace
  • Issues
  • Home Users
  • Enterprises
  • Sectors
  • National
  • Global

19
Cyber-Security Preparedness Act
  • Senator John Edwards introduced legislation last
    week to promote stonger password protections and
    high-tech tools to block computer worms. The
    Act, which would cost about 350 million over
    five years, would apply at first to federal
    agencies, then expand to include government
    contractors.

20
Gartner Research Note
  • In the post-September 11 world, academic
    institutions will have to combine better security
    infrastructure with a more rigorous social
    contract that attaches responsibilities to user
    rights.

21
Discussion Question
  • What steps have you taken to address computer
    and network security challenges at your
    institution?

22
EDUCAUSE Computer and Network Security Task Force
  • To work with noted security experts and partner
    associations including Internet2 to identify
    short-term actions and long-term projects to
    address systems security problems in higher
    education. It will support activities such as, a
    technical toolkit to help Chief Information
    Officers get ahead of the security curve and a
    policy toolkit to help campuses properly address
    the associated legal and ethical issues.

23
Task Force Leadership
  • Dan Updegrove, co-chair
  • Vice President for Information Technology
  • University of Texas at Austin
  • Gordon Wishon, co-chair
  • Chief Information Officer
  • University of Notre Dame

24
Committee on Detection, Prevention and Response
  • Co-Chairs
  • Steve Hansen, Computer Security Officer
  • Stanford University
  • Jack Suess, Chief Information Officer
  • University of Maryland, Baltimore County

25
Committee on Policy and Legal Issues
  • Co-Chairs
  • Mark Bruhn, University IT Policy Officer
  • Indiana University
  • Rodney Petersen, Director, IT Policy Planning
  • University of Maryland

26
Committee on Education and Awareness
  • Co-Chairs
  • Michelle Norin, Director for IT Outreach
  • University of Arizona
  •  
  • Gordon Wishon, Chief Information Officer
  • University of Notre Dame

27
Committee on Emerging Technologies
  • Co-Chairs
  • Clifford Collins, Chair I2 Security Working Group
  • OARnet
  •  
  • Ken Klingenstein
  • Director, Middleware Initiative, Internet2
  • Chief Technology, University of Colorado

28
Funding Proposal
  • Proposal for Identifying and Implementing a
    Coordinated Strategy for Computer and Network
    Security for Higher Education

29
Identify Problem and Develop Preliminary Plans
  • Phase One (months 1-3)
  • Convene Meeting of Computer Network Security
    Experts
  • Convene Meeting of Research, Security, and Policy
    Experts
  • Commission Papers, Reports, and Case Studies

30
Develop Plan and Implementation Strategy
  • Phase Two (month 4)
  • Convene Summit on Computer Network Security in
    Higher Education
  • Convene Meeting of Task Force on Computer and
    Network Security

31
Implement Plan and Strategies
  • Phase Three (months 5-16)
  • Pursue Implementation Strategies
  • Convene Quarterly Meetings of Task Force on
    Computer and Network Security
  • Commission Additional Papers, Reports, and Case
    Studies
  • Outreach Publications and Presentations

32
Evaluate Plan and Prepare for Next Steps
  • Phase Four (months 17-18)
  • Convene Second Meeting of Computer Network
    Security Experts
  • Convene Second Summit on Computer Network
    Security

33
Discussion Question
  • How can the EDUCAUSE Computer and Network
    Security Task Force help you and your institution
    improve IT security?

34
Task Force Priorities
  • Refine Organizational Structure
  • Revitalize Volunteer Network
  • Submit Grant Proposal
  • Participate In Government Initiatives
  • Coordinate Higher Education Activities
  • Outreach and Education

35
For more information
  • Visit http//www.educause.edu/security
  • or
  • Contact Rodney Petersen
  • Email Rodney_at_umd.edu
  • Phone 301.405.7349
About PowerShow.com