Educause Security Discussion mailing list archives

Re: computer security vision for next 3-5 years

From: Ozzie Paez <ozpaez () SPRYNET COM>
Date: Wed, 13 Jan 2010 14:13:51 -0700

Jason,
One aspect of that vision is that it needs to incorporate agility in
responding to new and evolving threats.  So, part of that vision needs to
reflect the reality that security is a journey, not a destination and that
all organizations will need to adapt as conditions change.  One of the more
common reactions to an organization having to take additional security steps
or upgrade its protection footprint is the complaint that "We've spent a lot
of time and money over the last year - How come we are still not secure?"
Anyway, it is a good idea to remind organizational leaders that we live in a
fluid threat environment.
Regards,
Ozzie Paez
SSE/SAIC
303-332-5363

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Youngquist, Jason R.
Sent: Tuesday, January 12, 2010 9:25 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] computer security vision for next 3-5 years

My boss asked me this morning to come up with a computer security vision for
the next 3-5 years.  Since it is already 2010, I thought I'd get some input
from the community on what would you like to see happen to computer security
in higher education, how will your job change (if any), and how can we as
computer security professionals in higher education institutions best
protect against the growing threats?

If you've seen any blogs/articles on computer security trends in higher
education, please forward them my way.

Here's what I've come up with so far:

*       Social Engineering will still be the easiest way to get confidential
information.
*       Multi-factor security will be prevalent.
*       More data breach regulations.
*       PDAs and smart phones will be encrypted due to the sensitive email/
information that they store and how easily they are stolen.
*       Anti-virus software will be still used, but application
white-listing will become more prevalent.

Some links:
http://media.techtarget.com/searchFinancialSecurity/downloads/FISD09_MainBal
lroom_Session8_StateofComputerSecurity_Ranum.pdf
http://www.sans.org/security-resources/10_security_trends.pdf



Appreciate any thoughts you can provide.
Jason Youngquist
Information Technology Security Engineer, Security+
Technology Services
Columbia College
1001 Rogers Street, Columbia, MO  65216
(573) 875-7334
jryoungquist () ccis edu
http://www.ccis.edu

Current thread:

Re: computer security vision for next 3-5 years, (continued)
- Re: computer security vision for next 3-5 years Gina Mieszczak (Jan 12)
- Re: computer security vision for next 3-5 years Michael Sinatra (Jan 12)
- Re: computer security vision for next 3-5 years Eric Case (Jan 12)
- Re: computer security vision for next 3-5 years Valdis Kletnieks (Jan 12)
- Re: computer security vision for next 3-5 years Chris Kidd (Jan 12)
- Re: computer security vision for next 3-5 years Patrick Laughran (Jan 13)
- Re: computer security vision for next 3-5 years St Clair, Jim (Jan 13)
- Re: computer security vision for next 3-5 years Di Fabio, Andrea (Jan 13)
- Re: computer security vision for next 3-5 years Brad Judy (Jan 13)
- Re: computer security vision for next 3-5 years Michael Sinatra (Jan 13)
- Re: computer security vision for next 3-5 years Ozzie Paez (Jan 13)
- Re: computer security vision for next 3-5 years McCrary, Barbara (Jan 13)
- Re: computer security vision for next 3-5 years Dexter Caldwell (Jan 13)
- Re: computer security vision for next 3-5 years Ozzie Paez (Jan 13)