Final Report of the CIFAC Project - Now Available

[Valerie Vogel <vvogel () EDUCAUSE EDU>]

The final report of the Computer Incident Factor Analysis and
Categorization (CIFAC) Project is now available in the EDUCAUSE Resource
Center:
http://www.educause.edu/LibraryDetailPage/666?ID=CSD4207 

Abstract: This study provides information about 319 computer-related
incidents that occurred in 36 colleges and universities within the past
two years. Researchers sought to bring a broader institutional focus to
bear in the identification and management of computer-related incidents.
Instead of the current definition of incidents which often focuses too
heavily on technical vulnerabilities, researchers used a broader
definition in identifying computer-related incidents to more
realistically look at associated factors.  Participants provided
detailed information about each of the incidents. The data were analyzed
to identify perceived cause, seriousness, recommended preventative
actions, and  the specific factors that were related to the occurrence
of different types of incidents, people-focused, systems-focused, and
data-focused incidents. Participants provided recommended best practices
for preventing each of the incidents, for mitigating the effects of the
incidents and for managing them.

_____________

Valerie M. Vogel, Security Task Force Project Assistant, EDUCAUSE
310-450-6552 phone/fax; vvogel () educause edu
http://www.educause.edu/security


************************************
EDUCAUSE 2005, October 18-21, Orlando
http://www.educause.edu/e05
************************************