Educause Security Discussion mailing list archives

Re: future of cybersecurity in Higher Ed

From: Steve Brukbacher <sab2 () UWM EDU>
Date: Mon, 2 Oct 2006 09:19:15 -0500

For us I think supporting research computing and protecting the data
produced in decentralized areas.  While we've gone a long way in
standardizing what we can in terms of desktops, we have a long way to go
when it comes to departmental server security.  Policies, standards and
guidelines will be a great help here but we are also working on creating
a culture of security which will provide a peer environment which
encourages compliance from within the community instead of from
administration.  The policies come from the top but the substantial and
effective change comes from the community of admins and users.


--
Steve Brukbacher, CISSP
University of Wisconsin Milwaukee
Information Security Coordinator
UWM Computer Security Web Site
www.security.uwm.edu




Michael McLaughlin wrote:

With so much emphasis on completing this years initiative,  the new
tool,  program, or system,   we risk losing sight of the basics.
While our institutions are emphasizing,  the latest and greatest,  this
years new hot topic, we risk de-emphasizing the tools, techniques and
systems of two, three or four years ago. While I am not saying that
systems should not be updated, and new tools and concepts developed and
implemented,  they need to be added to our existing proven processes,
rather than replacing them.  unfortunately,  adding services, and
systems on top of the existing work load means more staff and budget.

So, to answer your question,  the serious threat that I see in
cybersecurity, is we are forgetting the basic engineering that got us
this far; training, DMZ's,  defense in depth,  security zones,
segregation of applications and data,  risk analysis, and proper planning.

Mike McLaughlin
Network Security Administrator
College of Southern Maryland
michael.mclaughlin () csmd edu <mailto:michael.mclaughlin () csmd edu>

 >>> Bret R Blackman <bblackma () MAIL UNOMAHA EDU> 10/1/2006 11:18 PM >>>

All,

What do you see as strategic issues and serious threats in regards to
cybersecurity for Higher Education over the next 2 years?

------------------------------------------------------------------
Bret R. Blackman
University of Nebraska at Omaha
Director of Administrative Information Services
Information Technology Services
bblackma () mail unomaha edu

Current thread:

future of cybersecurity in Higher Ed Bret R Blackman (Oct 01)
- <Possible follow-ups>
- Re: future of cybersecurity in Higher Ed John C. A. Bambenek (Oct 01)
- Re: future of cybersecurity in Higher Ed Michael McLaughlin (Oct 02)
- Re: future of cybersecurity in Higher Ed Steve Brukbacher (Oct 02)
- Re: future of cybersecurity in Higher Ed Valdis Kletnieks (Oct 02)
- Re: future of cybersecurity in Higher Ed Brad Judy (Oct 02)
- Re: future of cybersecurity in Higher Ed Joe St Sauver (Oct 02)
- Re: future of cybersecurity in Higher Ed Jere Retzer (Oct 02)