Webinars and other forms of presentations can be a great way to gain familiarity with a new topic or brush up on a skill that you haven’t used in a while. These presentations cover a variety of topics, from security to project management, and come from various sources around the web.
Meet with EDUCAUSE Staff to Discuss Security and Privacy Programs
Take a few minutes during this open session to stop by and chat with EDUCAUSE staff members Joanna Grama (Director of Cybersecurity and IT GRC Programs) and Valerie Vogel (Program Manager). Learn more about EDUCAUSE security and privacy activities and resources, including the Higher Education Information Security Council (HEISC) and the Information Security Guide.
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Lock the Gates! Creating Effective Firewall Zones for the Campus Network
Effective network zoning and firewall protection on campus networks with a wide variety of systems, users, and access requirements can be challenging. Dartmouth College completed an extensive redesign of its campus network that leverages extensive firewall capabilities at both the border and the core. The result has been significantly improved traffic flow policies that protect assets from both external and lateral attacks. At the same time, the design has simplified firewall rule sets and minimized administrative overhead. We will share our design development strategy, implementation process, and ongoing workflow procedures as well as lessons learned from the project.OUTCOMES: Understand the need of network zoning as a mitigation for sophisticated attacks (APT) and to meet regulatory compliance * Apply the design principles to their own organization * Learn the value of the adopted workflow process
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Cybersecurity Insurance: The Fundamentals and Value Before the Breach
Every college and university using technology to deliver services to students, faculty, and staff face cyber risk. As security professionals, we understand critical security controls are a set of actions implemented to mitigate these risks. Another way to manage risk is to transfer the risk via the purchase of cybersecurity insurance, which has created a new vocabulary for security professionals. This session will decrypt cybersecurity insurance into an understandable and purposeful risk-management tool and outline resources and services provided through cybersecurity insurance policies that help identify and reduce risk, thus adding value before you have a breach.OUTCOMES: Learn about cybersecurity insurance policies and resources available from them * Understand insurance vocabulary and how to use cybersecurity insurance as a risk mitigation control in your institution * Learn how to review your own insurance policies and how your Information Security and Risk Management programs can benefit from these policies before a breach
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Partnering to Become a Smarter City – Sponsored by Aegis Identity Software
The advent of low cost sensors, big data, and cloud computing is enabling organizations to make real-time, data-driven decisions. Cities are realizing this opportunity to become smarter, leveraging these technology tools to improve the lives of their public. Learn how the City of Seattle and others are using sensor in the built environment, opening their data, partnering with academic institutions, and working with their communities to address related privacy and security challenges.
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Information Security, Governance, and Risk Capability: How Do You Measure Up?
Are your information security, IT governance, and IT risk management initiatives top-notch? Or are you hitting a roadblock but you just don’t know why? Building on successful benchmarking initiatives, EDUCAUSE has built a new online service that helps IT leaders assess and benchmark maturity and technology deployment for a suite of strategic initiatives including information security, IT risk management, and IT governance. Join us to learn about the landscape of information security, IT risk management, and IT governance initiatives in higher education and how to improve in areas of difficulty.OUTCOMES: Identify benchmarks of IT’s capability to deliver information security, IT risk management, and governance * Reflect on comparative areas of success and opportunities for improvement * Discuss action items for improving with institutional leadership
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
I Have an Information Security Program, What Am I Missing?
Ever wonder if your security program is complete or missing components? In this interactive session, you will learn the fundamentals for setting up a multilayered, service-based approach to information security based on Loyola University Chicago’s information security program. The session will cover areas of governance; policies, procedures, and guidelines; incident response; cyberthreat protection; vulnerability assessments; a risk assessment program; awareness; education and training; audit; compliance and regulations; security operations center; data identification; analysis and forensics; secure access; and ERP security services. Learn how to create a program that fits the information security needs of your institution.OUTCOMES: Learn the 12 components of a well-rounded information security program * Identify gaps and corresponding improvements that are needed to bolster your information security posture * Create the “right fit” services for your institution’s information security program
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Making Awareness Stick
One of the most common long-term challenges faced by any awareness program is getting it to stick. How can schools create an engaging program that people want to listen to, teaches them more, and ultimately changes behaviors? In this talk we will explain what schools are effectively doing to emotionally engage and communicate with their students, staff, and faculty. Key points will include modeling behavior, defining culture, and developing an engagement strategy, communication methods, and ambassador programs. OUTCOMES: Understand why poor communication is the reason most awareness programs fail * Understand the need and how to communicate at the emotional versus the rational level * Learn how to establish the most effective communication methods for your school
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
A Year in the Life of an International Direct Deposit Fraud Ring
In November 2014 Georgia Tech had multiple paychecks redirected through direct deposit fraud. In what began as an effort to prevent a repeat attack, we embarked on what became a yearlong sting operation investigating the behavior of an international fraud ring and eventually led to multiple arrests. This presentation will detail how we did it, the roadblocks we hit along the way, successful and unsuccessful responses to intrusion at other (unnamed) schools, how the crime ring operates, how to prevent direct deposit fraud, and how to prevent recompromise if you have already been hit.OUTCOMES: Understand how to protect from and respond to direct deposit fraud * Learn how to foster productive relationships with law enforcement before you need them * Explore options for taking incident response to the next level
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Strategies for Complying with the Requirements of the Payment Card Industry Data Security Standards (PCIDSS)
Strategies for Complying with the Requirements of the Payment Card Industry Data Security Standards (PCIDSS) PCI DSS Version 3.1 has raised the bar. If you accept credit cards, PCI DSS applies to you. This presentation provides an overview of PCI DSS 3.1 and a template for achieving compliance. We will also provide a case study on how Wake Forest University has successfully used this template to achieve PCI compliance. This talk will cover specific approaches and examples of technology, organizational structure, communication, and gaining management support. In addition, the presenters will provide an understanding of the technical and business requirements of PCI DSS and strategies to make it easier to become PCI DSS compliant.OUTCOMES: Understand basic PCI DSS requirements and the implementation template * Understand the compliance burden for staff and the computing infrastructure * Understand noncompliance liabilities and learn strategies to reduce the compliance burden and limit liability
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations
Working Together to Improve Cyberintelligence in the Big Ten
Last fall the CIC CIOs and CISOs met to discuss advanced persistent threats and how to minimize risk in the face of such skilled adversaries. We concluded that the answer is in increased and more effective collaboration. Michigan and Wisconsin are undertaking experiments to see if interuniversity real-time intelligence sharing is better at reducing false positives than current commercial feeds. Michigan and Ohio State are working to share intelligence across SIEMs. We will report on our current state, what we have learned, and whether we continue to see promise in these approaches.OUTCOMES: Gain insight into kill-chain strategies and whether interuniversity real-time sharing increases accuracy and/or reduces false positives * Learn about our plans going forward
[Read More]
[Read More]
SOURCE: Educause
Webinars & Presentations