Security Implementation

In "Security Metrics: A Solution in Search of a Problem", a recent EDUCAUSE Quarterly article, Joel Rosenblatt (Manager of Computer and Network Security, Columbia University) describes how the creation and collection of appropriate metrics can enhance an institution's security program. Learn about some potential metrics in the following areas: policy and compliance, network and machine monitoring, outreach and education, legal compliance, authorization and authentication, asset protection, and privacy.

Rebecca Whitener, vice president, enterprise risk management and chief risk officer, EDS, and Greg Garcia, assistant secretary for cyber security and communications, United States Department of Homeland Security, will present keynote sessions at the 2008 Security Professionals Conference, May 4–6 in Arlington, Virginia.

The conference program will cover these topic areas, with a focus on higher education:

A study of ERP security issues produced a checklist that shows institutions what to look for while letting vendors know what campuses consider important. Learn more about this in the recent EDUCAUSE Quarterly article, "A Security Checklist for ERP Implementations" by former Security Task Force co-chair Joy R. Hughes and co-author Robert Beer.

In this fifteen minute podcast, we feature an interview with Cedric Bennett, Emeritus Director for Information Security Services at Stanford University. Mr. Bennett also serves on the EDUCAUSE/Internet2 Computer and Network Security Task Force. We interviewed him at the EDUCAUSE 2007 Annual Conference in Seattle, Washington, where he was presenting a session entitled, "Stop, Drop, and Roll: Prevent and Douse Cyber Incidents".

In this 43 minute podcast, we feature a keynote speech by Bruce Schneier, author and Chief Technology Officer for BT Counterpane, Inc. This speech was delivered at the EDUCAUSE 2007 Annual Conference in Seattle, Washington on October 26th, 2007. It is entitled "Bruce Schneier on Information Security: Ten Trends".

Surveying current trends in information security, it’s clear that a myriad of forces are at work. But fundamentally, security is all about economics: both attacker and defender are trying to maximize the return on their investments. Economics can both explain why security fails so often and offer new solutions for its success. For example, often the people who could protect a system are not those who suffer the costs of failure. Changing these economic incentives will do more to improve security than will more technology.

Closing Keynote at the Security Professionals Conference 2007 in Denver, Colorado. A speech entitled “Influencing the Future of Security in Your Organization” by Pamela Fusco, who has accumulated over 20 years of substantial experience as an Information Security and Risk Management Professional. Her extensive background and expertise expand globally encompassing numerous facets of enterprise security inclusive of logical, physical, personal, facilities, systems, networks, wireless, compliance and auditing, risk management and forensic investigations. She is currently Executive Vice President of Security Solutions for Fishnet Security. This speech has a runtime of approximately 52 minutes.