HEISC October 2017 Update: New Resources & List Reminders

[Valerie Vogel <vvogel () EDUCAUSE EDU>]

Greetings,

We hope that National Cyber Security Awareness Month is going well for your institution! We’ve heard about some great 
online games, events, and other activities and hope to share some lessons learned in the Security Matters column next 
month. In the meantime, please check out the latest infosec and privacy resources for the higher ed community.

NOTE: This message also offers a few friendly reminders about Security Discussion list participation.

Resources

  *   Need security awareness resources for NCSAM or year-round campaigns, but not sure where to start? Read our blog, 
Take Advantage of the 2018 Security Awareness Campaign 
Materials<https://er.educause.edu/blogs/2017/9/take-advantage-of-the-2018-security-awareness-campaign-materials>, or 
visit our new Security Awareness website<https://www.educause.edu/securityawareness>.
  *   GDPR continues to be a hot topic in higher ed. Visit our library page with the latest resources: 
https://library.educause.edu/topics/policy-and-law/eu-general-data-protection-regulation-gdpr
  *   Miss the October 11 IAM Online webinar, Taking a Fresh Look at IAM: Two Case Studies with Sharon Pitt & Tom 
Dugas? Review the slides and recording<https://www.incommon.org/iamonline/>.
  *   Miss the October 23 EDUCAUSE Live! webinar with Jason Hoenich, Shifting to Security Awareness 2.0? The recording 
and slides<https://events.educause.edu/educause-live/webinars/2017/shifting-to-security-awareness-2-0> are now 
available for EDUCAUSE members.
  *   Updated vrsions of the HECVAT and HECVAT 
lite<https://library.educause.edu/resources/2016/10/higher-education-cloud-vendor-assessment-tool> were just posted in 
our library. This page includes links to the REN-ISAC Cloud Broker Index.
  *   The Higher Education CISO: A Modest Security Awareness 
Hero<https://staysafeonline.org/blog/higher-education-ciso-modest-security-awareness-hero/> is an EDUCAUSE staff guest 
blog published by the National Cyber Security Alliance for NCSAM’s week 4 theme.
  *   3 NCSAM blogs were just published by EDUCAUSE staff and focus on faculty & student perceptions of infosec:
     *   Educating Faculty about Information 
Security<https://er.educause.edu/blogs/2017/10/educating-faculty-about-information-security-insights-and-findings-from-ecars-2017-faculty-study>
     *   Beyond Passwords and PINs: Students and InfoSec 
Training<https://er.educause.edu/blogs/2017/10/beyond-passwords-and-pins-students-and-infosec-training>
     *   With Age Comes Wisdom...and information Security 
Savvy<https://er.educause.edu/blogs/2017/10/with-age-comes-wisdom-and-information-security-savvy>
  *   A Little Decision-Making Forensics<https://er.educause.edu/blogs/2017/10/a-little-decision-making-forensics> by 
HEISC co-chair, Mike Corn
  *   Time for Password Expiration to Die<https://er.educause.edu/blogs/2017/10/time-for-password-expiration-to-die> 
and NIST Has Spoken: Death to Complexity, Long Live the 
Passphrase!<https://er.educause.edu/blogs/2017/10/nist-has-spoken-death-to-complexity-long-live-the-passphrase> by 
Lance Spitzner, SANS Institute

2018 Security Professionals Conference (April 10–12 in Baltimore, MD)

  *   The CFP for our 16th annual Security Professionals 
Conference<https://events.educause.edu/security-professionals-conference/2018> closed yesterday and we received a 
record number of submissions (144)! Please stay tuned...presenters will be notified in mid-December. The full program 
and registration will be available online in January 2018.

Security Discussion Group<https://www.educause.edu/discuss/security-discussion-group> Participation Reminders

  *   This list is public; anyone is welcome to subscribe.
  *   Archives are publicly available and searchable.
  *   Posts to this list may be aggregated by other sites such as http://seclists.org/.
  *   Replies will automatically go to the entire list. If you intend to respond directly to an individual on the list, 
please be sure to check the “To:” line before sending your message.
  *   For more sensitive questions or sharing of information, consider using the REN-ISAC<https://www.ren-isac.net/> 
list if you are a member.

Follow Us & Stay Informed

  *   Twitter<https://twitter.com/HEISCouncil>
  *   Pinterest<https://www.pinterest.com/heiscouncil/>
  *   YouTube<http://www.youtube.com/user/SecurityVideoContest>
  *   Security Matters blog column<http://er.educause.edu/columns/security-matters> in EDUCAUSE Review

Questions or comments? Can’t find a resource? Let us know: security-council () educause edu<mailto:security-council () 
educause edu>

Thank you,
Valerie

Valerie Vogel
Senior Manager, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
direct: 202.331.5374 | twitter: @HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu>

_________________

October is National Cyber Security Awareness Month! Visit our Awareness Campaigns 
page<http://www.educause.edu/securityawareness> for free resources.