Re: Reorganizing for security team

[Matt Morton <mmorton () UNOMAHA EDU>]

Hi Theresa

We did this about 2 years ago and I would be happy to provide a lessons learned offline on what worked and what other 
issues arose.
Matt

Matt Morton, CISSP, MHEA
Chief Information Security Officer
University of Nebraska at Omaha
6001 Dodge St., Omaha NE  68182
402.554.2425 (o)
402.214.5943 (g)
402.708.2176 (m)

This communication, along with any attachments, is covered by federal and state law governing electronic communications 
and may contain confidential and legally privileged information. If the reader of this message is not the intended 
recipient, you are hereby notified that any dissemination, distribution, use or copying of this message is strictly 
prohibited. If you have received this in error, please reply immediately to the sender and delete this message. Thank 
you.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Sol 
Bermann
Sent: Friday, July 18, 2014 10:52 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Reorganizing for security team

Am happy to discuss how U-M has evolved this over the past 10 years

Sol Bermann
Interim University of Michigan Chief Information Security Officer
Privacy Officer and IT Policy, Compliance and Enterprise Continuity Strategist
ITS - Information & Infrastructure Assurance
University of Michigan

734/615-9661
solb () umich edu<mailto:solb () umich edu>



On Fri, Jul 18, 2014 at 11:47 AM, Nevin, David <Dave.Nevin () oregonstate edu<mailto:Dave.Nevin () oregonstate edu>> 
wrote:
Hi Theresa,

We’re about a year ahead of you in this process it seems—like you, security was primarily a network function with AV 
handled by a server support team.

In brief, our office (InfoSec) will provide "application layer" support, including access permissions, for our InfoSec 
Tools. Our net/infrastructure teams will provide hardware and OS-level support for the tools.

At this point in time we’re continue to work very closely together and since positions have been shifted from other 
teams to form the group, this is happening gradually with the above as an end  goal.

Feel free to ping me if you’d like to talk about more specific details.

Dave
--
Dave Nevin
Chief Information Security Officer
Oregon State University


From: Theresa Rowe <rowe () OAKLAND EDU<mailto:rowe () OAKLAND EDU>>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>>
Date: Friday, July 18, 2014 at 8:34 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: [SECURITY] Reorganizing for security team

Hi,
We are finally at a point where we can reorganize to create a separate security team.  Security is now primarily on the 
network team, with AV systems and the like on a technical architecture team.
Those of you who have created a separate security team can help us out.  What tasks (like firewall installation, 
firewall rule updates, SIEM implementation, etc.) are done on what team?  What belongs to networks, what belongs to 
systems, and what belongs to security? How did you architect the separation of duties?

Thanks for all insight -

--
Theresa Rowe
Chief Information Officer
Oakland University