Educause Security Discussion mailing list archives
TechBurst - October 25th, 2017 - Cloud Vendor Security Risk Assessments: An Update from the HEISC Shared Assessments Working Group
From: Sarah Bigham <sarah () REN-ISAC NET>
Date: Mon, 23 Oct 2017 13:12:40 -0400
Date: Wednesday, October 25th, 2017 Time: Noon (12:00) EDT Link: https://iu.zoom.us/j/470662714 Audience:[1]: Public [Pb] Speakers: Charles Escue, Lead Security Analyst, Indiana University Title: Cloud Vendor Security Risk Assessments: An Update from the HEISC Shared Assessments Working Group DESCRIPTION =========== Assessing vendor risk and security posture continues to be a time-consuming effort for many security professionals in higher education. Although many campuses commit resources to the highest priority assessments, few are able to assess all cloud services that host institutional data. To explore the potential for collaborative risk security assessments, a HEISC working group was formed with EDUCAUSE, Internet2, and REN-ISAC members to develop the Higher Education Cloud Vendor Assessment Tool (HECVAT), published in late 2016. Please join Charles to discuss the origin and goals of the HECVAT, how the community will guide future development, how to leverage the HECVAT for beginning and existing security assessment programs, and discover ways to contribute. SPEAKER ======= Charles Escue is a Lead Security Analyst with the University Information Security Office, protecting institutional data by conducting IT security reviews, third-party risk/security assessments, and IT policy implementation. Escue previously served with Campus Network Infrastructure and IT Community Partnerships and has more than 10 years of IT experience at IU. ------------------------------- [1] INFORMATION SHARING GUIDANCE: This TechBurst is Public. TechBursts are limited to REN-ISAC members unless marked with one of the following exception tags: - "MG" (Members and Guests) sessions are open to members and hosted, trusted guests of members. Access to MG TechBursts require authentication with a REN-ISAC userid and password. So, guests must view the webcast with the member present. - "Pb" (Public) indicates a session is open to the public. ***Participation in TechBursts without an exception tag are limited to REN-ISAC members ONLY.*** **This TechBurst will be archived.** During the session you can ask questions by logging into the #techburst IRC channel. For instructions on connecting to the IRC server, see https://secure.ren-isac.net/ircd.html. For those without IRC access, you may send questions to techburst () ren-isac net or use the Q&A screen within Zoom. Please note that only you and the Presenter will see your question. -- Sarah Bigham Lead Security Analyst REN-ISAC 2719 E. 10th Street, Suite 201 / Bloomington, IN 47408 office: +1(812) 855-2267 sarah () ren-isac net https://www.linkedin.com/company/ren-isac Research and Education Networking – Information Sharing and Analysis Center / www.ren-isac.net 24x7 Watch Desk: +1(317) 278-6630, soc () ren-isac net "Distrust and caution are the parents of security" - Benjamin Franklin
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- TechBurst - October 25th, 2017 - Cloud Vendor Security Risk Assessments: An Update from the HEISC Shared Assessments Working Group Sarah Bigham (Oct 23)
- [REMINDER] REN-ISAC TechBurst - October 25th, 2017 - Cloud Vendor Security Risk Assessments: An Update from the HEISC Shared Assessments Working Group Sarah Bigham (Oct 25)