Educause Security Discussion mailing list archives
Re: What is on your roadmap?
From: "Wayne S. Martin" <MartinW () BRCC EDU>
Date: Tue, 15 Mar 2011 12:21:26 +0000
I would agree with the final comment and suggest that a growing emphasis should be placed on "Security Collaboration" as a maturity level for "Security Awareness". Users, process owners, and other stakeholders need to become active participants in securing the enterprise. Security professionals need to develop the soft skills necessary to break through the "distrust" and "protectionism" in order to engage everyone in information assurance activities. Wayne From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Flynn, Gary - flynngn Sent: Tuesday, March 15, 2011 7:42 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] What is on your roadmap? 1. Mobile device and access policy and management. This technology will be as disruptive and hard to manage as the PC technology of the 80s. Security is just one component of the planning necessary to provide acceptable quality of service and risk. Though due to the rapid changes in the environment, "vision" may have to substitute for "planning"... as long as its not "hallucination". 2. Cloud services can be thought of as outsourced data storage and services. This has been managed in the past but not in nearly as open and self-service type of environment as today's. 3. Due to the complexities involved with 1 & 2, increasing demands for access, a continual lack of trustworthiness in vendor products and technology, and increasing sophistication and motivation of criminals, monitoring and early detection is going to need much more emphasis. Today's concentration on prevention, the assumption of trustworthiness, and belief that things can be "secured" will not meet the challenges of tomorrow. Curmudgeonly yours, gary From: Nathan Zierfuss <nathan.zierfuss () ALASKA EDU<mailto:nathan.zierfuss () ALASKA EDU>> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Mon, 14 Mar 2011 16:13:39 -0800 To: <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: [SECURITY] What is on your roadmap? I'm contemplating an information security roadmap for the next 5 years. I think there are some standard things to maintain on it like security awareness, disaster recovery, authentication, etc. but what would you add that might be developing areas in the next 5 years, cloud resource access control, policy modifications for SaaS? Thanks, Nathan Nathan Zierfuss, CISSP, Senior IT Security Officer - Technology Oversight Services, University of Alaska 910 Yukon Dr. Suite 105, PO Box 755320 Fairbanks, Alaska 99775-5320 - Ph: (907) 450-8112 Fx: (907) 450-8381 -- Gary Flynn Security Engineer James Madison University
Current thread:
- What is on your roadmap? Nathan Zierfuss (Mar 14)
- Re: What is on your roadmap? Flynn, Gary - flynngn (Mar 15)
- Re: What is on your roadmap? Wayne S. Martin (Mar 15)
- Re: What is on your roadmap? Seth Hall (Mar 16)
- Re: What is on your roadmap? Hahues, Sven (Mar 16)
- Re: What is on your roadmap? Matthew Gracie (Mar 15)
- Re: What is on your roadmap? Flynn, Gary - flynngn (Mar 15)