Educause Security Discussion mailing list archives
Re: FT Information Security Officer/Mgr
From: James Alexander/cis/evp/Okstate <jra () OKSTATE EDU>
Date: Thu, 10 Apr 2003 11:00:39 -0500
Oklahoma State University has Information Security Office with two
full-time staff, two part-time staff and one person in network operations
dedicated to security issues. The ISO is seeking funding to hire two more
full-time staff. We have 24,000 students with 26,000 hot network jacks,
plus wireless.
Workload Average
100+ minor security incidents per week - copyright, spam, campus
notification of new patches, etc, generally handled by part-timers
4 medium - desktop hacked, minor server hacked, outbound attack, 40
hours/week
1 major/critical per month - 400 machines hacked at once, important server
hacked, child porn, something that requires full forensic analysis of a
machine that takes 20-40 hours plus handling the fallout ?? hours
1-2 security classes per week - 8 hours/week
develop/update policies - 10 hours/week
special security projects (HIPPA, Firewall implementation, etc) - 20
hours/week
network locates, disabling ports, enabling ports - 40 hours/week
management of network security devices - 40 hours/week
James Alexander
**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at
http://www.educause.edu/memdir/cg/.
Current thread:
- FT Information Security Officer/Mgr King, Dennis C. (Apr 10)
- <Possible follow-ups>
- Re: FT Information Security Officer/Mgr Crawford, Charles D (Apr 10)
- Re: FT Information Security Officer/Mgr Schmidt, Eric W (Apr 10)
- Re: FT Information Security Officer/Mgr James Alexander/cis/evp/Okstate (Apr 10)
- Re: FT Information Security Officer/Mgr David Grisham (Apr 10)