Security Planning and Data Security

Recent blog entries tagged with Security Planning and Data Security.

Podcast: The FTC as an Educational Partner in Improving Data Security and Privacy

Created by Gerry Bayne (EDUCAUSE) on May 19, 2008

This 38-minute podcast features a keynote address by Mary Beth Richards, Deputy Director of the Bureau of Consumer Protection for the Federal Trade Commission. Her speech, "The FTC as an Educational Partner in Improving Data Security and Privacy," was recorded at the EDUCAUSE 2008 Policy Conference in Arlington, Virginia.

EDUCAUSE Live! Podcast: What Price Insularity? Reflections About Computer Security Failings.

Created by Gerry Bayne (EDUCAUSE) on January 07, 2008

In this EDUCAUSE Live! podcast, join host Steve Worona for the topic "What Price Insularity? Reflections About Computer Security Failings". Steve's guest is Fred Schneider, Professor of Computer Science at Cornell University.

Presentation slides for this audio can be found here.

E07 Video & Podcast: "Bruce Schneier on Information Security: Ten Trends"

Created by Valerie M. Vogel (EDUCAUSE) on November 29, 2007

Watch the video or listen to the podcast of Bruce Schneier's recent keynote speech, "Bruce Schneier on Information Security: Ten Trends", which was delivered at the EDUCAUSE 2007 Annual Conference in Seattle, Washington on October 26, 2007.

You can also hear a 14-minute interview with Bruce Schneier. Listen in as he shares some insightful words about privacy along with interesting commentary about ethics, cybersecurity, and blogging.

E07 Podcast: Bruce Schneier on Information Security: Ten Trends

Created by Gerry Bayne (EDUCAUSE) on October 31, 2007

In this 43-minute podcast, we feature a keynote speech by Bruce Schneier, author and Chief Technology Officer for BT Counterpane, Inc. This speech was delivered at the EDUCAUSE 2007 Annual Conference in Seattle, Washington on October 26th, 2007. It is entitled "Bruce Schneier on Information Security: Ten Trends".

Surveying current trends in information security, it’s clear that a myriad of forces are at work. But fundamentally, security is all about economics: both attacker and defender are trying to maximize the return on their investments. Economics can both explain why security fails so often and offer new solutions for its success. For example, often the people who could protect a system are not those who suffer the costs of failure. Changing these economic incentives will do more to improve security than will more technology.

New Resource Page on PCI DSS (Payment Card Industry Data Security Standard)

Created by Valerie M. Vogel (EDUCAUSE) on June 15, 2007

Explore the new PCI DSS Resource Page. View Community Resources (under the "Other" tab) or contribute your own resources.

EDUCAUSE Security Professionals Conference 2006. Summary: System-wide Strategies for Achieving IT Security at Univ. of California

Created by Lida L. Larsen (EDUCAUSE) on April 25, 2006
System-wide Strategies for Achieving IT Security at the University of California
Jacqueline Craig, Director of Policy, University of California Office of the President
David H. Walker, Director of Advanced Technology, University of California Office of the President
 
How do you effectively achieve appropriate stewardship of both personal and restricted information which is used across an institution’s academic, administrative, and other operations? This session took a close look at the efforts of the University of California system.
 
UC has experienced a number of serious security breaches across the 18 campuses, centers and labs.  In 2003, California passed legislation requiring notification if there is a reasonable belief that unauthorized access of information has occurred and there is reason to believe that privacy of individuals has been compromised.  UC responded by instituting a university-wide security workgroup to come up with solutions.  The workgroup was comprised of faculty, deans, vice-chancellors, general counsel, security officers, CIOs and directors.
 
The working group agreed upon a number of recommendations:
  • Leadership actions to achieve accountability
  • University-wide communication and security education & training
  • Stronger IT security policies
  • Risk assessment guidelines and mitigation with focus on both academic and administrative strategies.

UCISA Information Security Toolkit

Created by Stuart Yeates (University of Oxford) on March 15, 2006

UCISA were at the 2006 JISC Conference, touting their Information Security Toolkit:



The UCISA Information Security Toolkit is intended to support UK Higher and Further Education Institutions in producing Information Security policies to address (and to demonstrate that they are addressing) threats to the confidentiality, integrity and availability of information systems for which they are responsible, and to help meet audit requirements. The sections draw heavily on British Standard BS 7799, not least by adopting its structure for control objectives and controls.


Unfortunately it's very much embedded in the UK legislative framework, so only the technical bits will be of much use to those outside the UK. Strangely enough, I spent three days in Blackpool last week at their big annual event and didn't catch up with the toolkit at all; presumably they were all too busy running the event to promote their own documents.

Risk Assessment Framework

Created by Valerie M. Vogel (EDUCAUSE) on January 09, 2006
The EDUCAUSE/Internet2 Security Task Force Risk Assessment Working Group has released the Risk Assessment Framework, which provides a high-level overview of assessing information systems within higher education.

View additional Security Risk Assessment and Analysis resources available in the EDUCAUSE Resource Center.

JISC release new information security and safety to all UK universities and colleges

Created by Stuart Yeates (University of Oxford) on November 24, 2005
New guidelines on information security and safety were today issued to all colleges and universities in the UK. The guidelines, issued by JISC (Joint Information Systems Committee) and UCISA (Universities and Colleges Information Systems Association), are aimed at helping educational institutions reap the benefits of Information and Communications Technology (ICT) while protecting themselves, their staff and students from online threats.

The document, produced by UCISA, covers such topics as outsourcing, planning and personnel, as well as more immediate matters such as cryptography, teleworking and user management.

Unfortunately the documents are released under a very-nearly but not quite Creative Commons Attribution-NonCommercial-ShareAlike licence.