Incident Handling and Response, Presented at Security Professionals Conference

Collecting and Preserving Data in the Wake of a Tragedy

Added by the EDUCAUSE Librarian
Title: Collecting and Preserving Data in the Wake of a Tragedy (ID: SEC08073)
Author(s): William Dougherty (Virginia Tech)
Origin: Presented at Security Professionals Conference (05/04/2008)
Type: Presentations/Speeches
Abstract: After the tragic events of April 16, 2007, at Virginia Tech, IT professionals and university legal counsel had to quickly address the need to collect and preserve data in the event of future litigation. Performing tasks while dealing with grief and protecting academic freedom and privacy issues has required a delicate approach.

Incident Response Tracker: Centralized Monitoring, Distributed Response

Added by the EDUCAUSE Librarian
Title: Incident Response Tracker: Centralized Monitoring, Distributed Response (ID: SEC08063)
Author(s): Martin Manjak (University at Albany, SUNY)
Origin: Presented at Security Professionals Conference (05/04/2008)
Type: Presentations/Speeches
Abstract: With a mixture of centralized and local IT service providers, higher ed presents unique challenges to effective incident response. The University at Albany has developed a web-based incident management and reporting tool that provides immediate sharing of incident information with local responders and real-time incident response functionality (e.g., switch port control).

Effective Windows Security

Added by the EDUCAUSE Librarian
Title: Effective Windows Security (ID: SEC07089)
Author(s): John Bruggeman (Hebrew Union College-Jewish Institute of Religion)
Origin: Presented at Security Professionals Conference (04/11/2007)
Type: Presentations/Speeches
Abstract: IT security is a critical issue in higher education. This session will give participants a framework and set of tools to help them effectively manage Windows XP and Windows 2000 desktop and data security at their institutions.

Incident Tracking and Reporting

Added by the EDUCAUSE Librarian
Title: Incident Tracking and Reporting (ID: SEC07097)
Author(s): Joshua Beeman (University of Pennsylvania) and Kathy Bergsma (University of Florida)
Origin: Presented at Security Professionals Conference (04/12/2007)
Type: Presentations/Speeches
Abstract: The University of Florida and the University of Pennsylvania both regularly generate summary reports of computer incidents for information security managers. The reports help identify units that need improvement, assist with planning and risk assessment, and have contributed to an improvement in the security posture of both universities.

Honeypots as a Tool to Improve Incident Response Readiness at USP

Added by the EDUCAUSE Librarian
Title: Honeypots as a Tool to Improve Incident Response Readiness at USP (ID: SEC07101)
Author(s): Alberto Camilli (Universidade de Sao Paulo) and Maria Isabel Teixeira das Chagas (Universidade de Sao Paulo)
Origin: Presented at Security Professionals Conference (04/12/2007)
Type: Presentations/Speeches
Abstract: A honeypot network was deployed in the main campuses of USP. This presentation will discuss how these honeypots were configured, as well as the initiative's impact on the perception of incident reduction at USP. It will also demonstrate the mechanism for automated honeypot notification and the major statistics resulting from honeypot incidents at USP.

Effective Incident Response

Added by the EDUCAUSE Librarian
Title: Effective Incident Response (ID: SEC07079)
Author(s): David C. Kovarik (Northwestern University), Gabriel Lawrence (University of California, San Diego), Greg Hedrick, II (Purdue University), and Jonathan Sweeny (Indiana University)
Origin: Presented at Security Professionals Conference (04/11/2007)
Type: Presentations/Speeches
Abstract: Prompted by regulatory requirements and best practices as deployed by four different institutions of higher education, this panel will discuss the common ground and differences of each institution's implementation and offer insight on how different types of incidents are handled.

Security Policy Resources and Models

Added by the EDUCAUSE Librarian
Title: Security Policy Resources and Models (ID: SEC07080)
Author(s): Connie Popp (Eastern Michigan University), Jack McCoy (University of Colorado System), and William L. Custer (Miami University)
Origin: Presented at Security Professionals Conference (04/11/2007)
Type: Presentations/Speeches
Abstract: The EDUCAUSE/Internet2 Security Task Force Model Policy Subgroup will survey its model security policy wiki, an inventory of policy samples, organized around 10 industry standard topics. This session will drill down on decision points in four custom models: security management, data classification, incident response, and security planning.

ISO 27001:2005 - GSU's Roadmap for a World Class Information Security Management System

Added by the EDUCAUSE Librarian
Title: ISO 27001:2005 - GSU's Roadmap for a World Class Information Security Management System (ID: SEC07006)
Author(s): Taiye Lambo (eFortresses, Inc.) and William Monahan (Georgia State University)
Origin: Presented at Security Professionals Conference (04/11/2007)
Type: Presentations/Speeches
Abstract: GSU is one of the first universities in the world to embrace the ISO 27001:2005 standard for establishing an information security management system (ISMS). Although it has been challenging, this systematic and disciplined approach to empowering people, processes, and technology is helping us develop a world-class ISMS.

Incident Handling: Event Correlation, Response, Reporting, and Planning

Added by the EDUCAUSE Librarian
Title: Incident Handling: Event Correlation, Response, Reporting, and Planning (ID: SPC0692)
Author(s): Ramon Kagan (York University), Richard Rollason-Reese (Eastern Connecticut State University), and Christopher Russel (York University)
Origin: Presented at Security Professionals Conference (04/12/2006)
Type: Presentations/Speeches
Abstract: This session will describe the centralized system for event correlation and automated incident response (CECR) used by York University. There will also be a section on the use of incident reporting as valuable feedback into IT planning by Eastern Connecticut State University.

Staying Out of the Security Headlines

Added by the EDUCAUSE Librarian
Title: Staying Out of the Security Headlines (ID: SPC0693)
Author(s): David Escalante (Boston College) and Cathy Hubbs (George Mason University)
Origin: Presented at Security Professionals Conference (04/12/2006)
Type: Presentations/Speeches
Abstract: In the first half of last year 550,000 people associated with 16+ schools had personal information exposed in university security breaches, generating negative publicity for the universities concerned and higher education as a whole. Hear two affected universities describe how it felt to be in the fire, how they avoided fanning the flames, and how their incident-handling protocols have been improved as a result.

Information Sharing the MOREnet Way: How Not to Keep Secrets

Added by the EDUCAUSE Librarian
Title: Information Sharing the MOREnet Way: How Not to Keep Secrets (ID: SPC0688)
Author(s): Randall Raw and Beth Young
Origin: Presented at Security Professionals Conference (04/12/2006)
Type: Presentations/Speeches
Abstract: The MOREnet security office receives information about incidents and redistributes the information to help all members better secure their networks. In this presentation, we will discuss the tools we use and how we sanitize information to protect the guilty and innocent alike.

Windows Authentication Activity Analysis

Added by the EDUCAUSE Librarian
Title: Windows Authentication Activity Analysis (ID: SPC0685)
Author(s): Kenneth J. Hoover (Yale University)
Origin: Presented at Security Professionals Conference (04/12/2006)
Type: Presentations/Speeches
Abstract: Logging of activity of any kind is useless without an effective process to distill useful information from clutter. This presentation will cover how to capture, understand, and analyze user authentication records on Windows systems to assist in both routine and incident response scenarios.

Security Incident Database

Added by the EDUCAUSE Librarian
Title: Security Incident Database (ID: SPC0687)
Author(s): Loren Michael Johnson (University of Oklahoma) and Calvin Weeks
Origin: Presented at Security Professionals Conference (04/12/2006)
Type: Presentations/Speeches
Abstract: The University of Oklahoma has developed and implemented a security incident database developed entirely on widely available open source software products. The Web-based system allows users to enter, annotate, block, and send notifications to users and administrators. The system has been in operation since 2001, with more than 8,000 incidents entered to date.

Data-Incident Notification Policies and Procedures

Added by the EDUCAUSE Librarian
Title: Data-Incident Notification Policies and Procedures (ID: SPC0661)
Author(s): Mary Ann Blair (Carnegie Mellon University), Tracy Mitrano (Cornell University), and Steven Schuster (Cornell University)
Origin: Presented at Security Professionals Conference (04/10/2006)
Type: Presentations/Speeches
Abstract: Information security policies and procedures increasingly must respond to legal requirements in the area of notification in the event of a breach of personally identifiable information. This session will also explore technical issues related to meeting legal standards such as "reasonable belief that data has been acquired by an unauthorized user." Members of a panel will also describe their actual responses to incidents at their institutions.

Paradigm Shift in Outbreak Response

Added by the EDUCAUSE Librarian
Title: Paradigm Shift in Outbreak Response (ID: SPC0570)
Author(s): Beth Binde (Rutgers, The State University of New Jersey) and Lance Jordan (Rutgers, The State University of New Jersey)
Origin: Presented at Security Professionals Conference (04/04/2005)
Type: Presentations/Speeches
Abstract: Analysis of network device logs supported a paradigm shift in the response to virus and worm outbreaks at Rutgers. Previously dependent solely on reports from outside institutions, the Rutgers University Computing Incident Response Team (RU CIRT) took on a proactive role in the detection of infected hosts.