Educause Security Discussion mailing list archives
Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact
From: "Bruhn, Mark S." <mbruhn () INDIANA EDU>
Date: Mon, 23 Sep 2002 10:55:33 -0500
A 24X7 higher education ISAC will help here, I think. The people staffing such an org will know the higher education community, and will be technically able to triage incident reports. The first limited-service iteration of a higher education ISAC (for Research and Educational Networking) will be at Indiana University, associated with the Global Network Operations Center, which is already 24X7. See http://globalnoc.iu.edu/. We are poised (legal people doing final review) to sign an MOU with the NIPC. Whilst we certainly don't want to publish home numbers widely to law enforcement and ISPs, having a higher education ISAC with that information shouldn't (at least in my opinion) be problematic. If a report or situation associated with a particular campus is bad enough, the ISAC operators would attempt to contact the person(s)identified for that campus. The theory here is that ISPs (as members of the IT ISAC) and law enforcement (as part of the law enforcement ISAC) will make reports to the NIPC, as well as directly to other ISACs if warranted. The NIPC will pass that along to the other ISACs. The REN-ISAC will take that information, do some analysis, and make sure it gets to the campuses that need to have it. Or, to all campuses for which they have contact information, if it's a more global threat. Operational details of the REN-ISAC will be sent out widely, once they are developed. There is also a white paper that discusses a full-service ISAC that may (should absolutely, I think) succeed the REN-ISAC. We will post that to the Task Force web site as soon as I can discuss that with Rodney Petersen. M. Mark S. Bruhn Chief IT Security and Policy Officer Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 -----Original Message----- From: Kevin Shalla [mailto:Kevin.Shalla () IIT EDU] Sent: Monday, September 23, 2002 10:30 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] IHEs & NATIONAL STRATEGY: Single Point-Of-Contact I believe it would be a good idea if it were cost-free, but alas it is not. I agree with others that the single person of contact is not really feasible - for most campuses the campus police office would probably be the only office staffed 24 X 7. The police could have an on-call list of whom to call during which times. Problems with this could be the false alarms - how could campus police triage and determine whether this is a serious problem (hundreds of computers are launching denial of service attack) versus moderate problem (one computer is scanning another computer) versus annoyances (one computer has a virus, and it probably came from a computer on our campus). Large universities could afford additional staffing to support this plan, small colleges would find this burdensome. At 02:41 PM 9/19/2002 -0400, Rodney Petersen wrote:
One of the recommendations in the "National Strategy To Secure Cyberspace" (www.securecyberspace.gov) is that "each college and university should consider establishing a point-of-contact, reachable
at
all times, to Internet service providers (ISPs) and law enforcement officials in the event that the school's IT systems are discovered to
be
launching cyber attacks." Is this a good idea? How could it be implemented across higher education? What are obstacles or challenges for moving forward with this recommendation? Other comments or insights?
Kevin Shalla Manager, Student Information Systems Illinois Institute of Technology <mailto:Kevin.Shalla () iit edu> ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Rodney Petersen (Sep 19)
- <Possible follow-ups>
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Gary Flynn (Sep 19)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Jim Moore (Sep 19)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Allen Chang (Sep 20)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Dan Updegrove (Sep 22)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Kevin Shalla (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Bruhn, Mark S. (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Kevin Shalla (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Bruhn, Mark S. (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Nick Tate (Sep 23)