Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: computer security vision for next 3-5 years

From: "McCrary, Barbara" <bmccrary () OGSLP ORG>
Date: Tue, 12 Jan 2010 10:58:26 -0600
Our future security toolboxes need to contain Host Intrusion Protection,
(HIPS), Data Classification, Data Protection and good, mature Data
Retention tools.

Future plans should address the need to, as much as possible, auto
protect wherever possible, against the unintended as well as the
intended threats and the need to make aware and involve upper management
and business groups all along the way. 

Awareness should be addressed to facilitate user's daily awareness as
opposed to only spotty training that is reactionary or simply provided
to meet a requirement. Our future needs to build this in daily.    


Barbara McCrary 
Chief Information Security Officer
MCSE, MCSE:Security, +Messaging, CompTia:Security+

bmccrary () ogslp org

Oklahoma State Regents for Higher Education
421 NW 13th, Ste 250 
Oklahoma City, OK  73103 
405 234.4316 office 
405 234.4321 cell 
405 234.4588 fax

Note:  This communication and attachments, if any, are intended solely
for the use of the addressee hereof.  In addition, this information and
attachments, if any, may contain information that is confidential,
privileged and exempt from disclosure under applicable law, including,
but not limited to, the Privacy Act of 1974.  If you are not the
intended recipient of this information, you are prohibited from reading,
disclosing, reproducing, distributing, disseminating, or otherwise using
this information.  If you have received this message in error, please
promptly notify the sender and immediately, delete this communication
from your system.


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Youngquist, Jason
R.
Sent: Tuesday, January 12, 2010 10:25 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] computer security vision for next 3-5 years

My boss asked me this morning to come up with a computer security vision
for the next 3-5 years.  Since it is already 2010, I thought I'd get
some input from the community on what would you like to see happen to
computer security in higher education, how will your job change (if
any), and how can we as computer security professionals in higher
education institutions best protect against the growing threats?

If you've seen any blogs/articles on computer security trends in higher
education, please forward them my way.

Here's what I've come up with so far:

*       Social Engineering will still be the easiest way to get
confidential information.
*       Multi-factor security will be prevalent.  
*       More data breach regulations.
*       PDAs and smart phones will be encrypted due to the sensitive
email/ information that they store and how easily they are stolen.
*       Anti-virus software will be still used, but application
white-listing will become more prevalent.

Some links:
http://media.techtarget.com/searchFinancialSecurity/downloads/FISD09_Mai
nBallroom_Session8_StateofComputerSecurity_Ranum.pdf
http://www.sans.org/security-resources/10_security_trends.pdf



Appreciate any thoughts you can provide.
Jason Youngquist
Information Technology Security Engineer, Security+ Technology Services
Columbia College
1001 Rogers Street, Columbia, MO  65216
(573) 875-7334
jryoungquist () ccis edu
http://www.ccis.edu
Previous By Date Next
Previous By Thread Next

Current thread: