Security Task Force Announcements and Security Management

The 2009 EDUCAUSE and Inernet2 Security Professionals Conference—featuring keynote speakers Joanne McNabb, Chief of the Office of Privacy Protection, State of California, and Edward Amoroso, Chief Information Security Officer, AT&T—will address privacy and security topics in the areas of management and operations, policy and compliance, and technology.

Participate as a presenter: Presenters help create an innovative and informative program, make valuable contacts, and gain recognition for their achievements and their organization's. Presentations will need to address one of the following categories:

The EDUCAUSE/Internet2 Computer and Network Security Task Force 2008-2009 Strategic Plan is now available online. The Security Task Force (STF) has adopted the theme of "Safeguarding Our IT Assets, Protecting Our Community's Privacy" for 2008-2009. The STF strategic planning process aims to anticipate higher education security issues, enabling campuses to forge joint efforts and solutions and recognizing that security challenges continue to evolve in our digital information world.

The following goals have been identified for 2008-2009 to help focus working group priorities in the near term (12-18 months):

EDUCAUSE has published the results of the 2008 Current Issues Survey, and this year Security edged out Funding IT as the top strategic challenge.

The latest EDUCAUSE Quarterly article, "Current Issues Survey Report, 2008", states:

The EDUCAUSE/Internet Security Task Force provided a briefing to the CSIS Commission on Cyber Security for the 44th Presidency on March 12, 2008, during the event "Improving Cybersecurity: Recommendations from Private Sector Experts". A 1-page summary of the briefing is available, as well as the complete transcript.

Watch the video or listen to the podcast of Bruce Schneier's recent keynote speech, "Bruce Schneier on Information Security: Ten Trends", which was delivered at the EDUCAUSE 2007 Annual Conference in Seattle, Washington on October 26, 2007.

You can also hear a 14 minute interview with Bruce Schneier. Listen in as he shares some insightful words about privacy along with interesting commentary about ethics, cybersecurity, and blogging.

A study of ERP security issues produced a checklist that shows institutions what to look for while letting vendors know what campuses consider important. Learn more about this in the recent EDUCAUSE Quarterly article, "A Security Checklist for ERP Implementations" by former Security Task Force co-chair Joy R. Hughes and co-author Robert Beer.

The Department of Homeland Security's National Cyber Security Division worked with subject matter experts from government, the private sector, and academia to develop an umbrella framework that establishes a national baseline representing the essential knowledge and skills IT security practitioners must have to perform their jobs. The IT Security EBK builds directly on established work and is not intended to represent a standard, directive, or policy by DHS. Instead, it further clarifies key IT security terms and concepts for well-defined competencies, identifies notional security roles, and defines primary functional perspectives to help advance the IT security training and certification landscape as we strive to ensure that we have the most qualified and appropriately trained IT security workforce possible.

Security remains a top strategic challenge according to the 2007 Current IT Issues Survey Report. The 2007 Current Issues Web site offers additional resources.

On March 21, 2007, Jim Davis (Associate Vice Chancellor and Chief Information Officer at the University of California, Los Angeles) appeared before the United States Senate Judiciary Committee's Subcommittee on Terrorism, Technology and Homeland Security Committee to provide his testimony during a hearing on "Identity Theft: Innovative Solutions for an Evolving Problem".

Read the latest security-related articles in EDUCAUSE Quarterly (Volume 29, Number 1, 2006):

• "Effective Management of Information Security and Privacy" by Alicia Anderson
• "Do You Know Where Your Data Are?" by Cedric Bennett
• "Policy and Legal Implications of Spyware and Data Privacy" by Andrea Nixon