Higher Education ...
Follow
Find
4.8K views | +0 today
 
Scooped by Higher Ed InfoSec Council
onto Higher Education & Information Security
Scoop.it!

Make Data Security Part of Your Routine (FTC blog)

Make Data Security Part of Your Routine (FTC blog) | Higher Education & Information Security | Scoop.it

Yesterday was Data Privacy Day, and though it’s just one day a year, we hope you’ll make data security part of your regular routine.

Every day, you do things to protect what's most important to you — like locking your front door to prevent someone from breaking into your home. You can also take steps to protect your personal information from identity thieves — online and off — by adding some data privacy habits to your routine.

more...
No comment yet.

From around the web

Higher Education & Information Security
Information Security and Cybersecurity in Higher Education
Your new post is loading...
Your new post is loading...
Scooped by Higher Ed InfoSec Council
Scoop.it!

Cybersecurity Initiative | EDUCAUSE.edu

Cybersecurity Initiative | EDUCAUSE.edu | Higher Education & Information Security | Scoop.it

Please note that we are not currently maintaining content for this Scoop.it! page. However, you can visit the EDUCAUSE Cybersecurity Initiative website for additional higher education information security resources.

Higher Ed InfoSec Council's insight:

You can also follow us on Twitter for the latest scoop on #HigherEd #InfoSec issues, articles, resources, and more. http://twitter.com/HEISCouncil

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Integrating Approaches to Privacy Across the Research Lifecycle: Long-Term Longitudinal Studies

Integrating Approaches to Privacy Across the Research Lifecycle: Long-Term Longitudinal Studies | Higher Education & Information Security | Scoop.it

On September 24-25, 2013, the Privacy Tools for Sharing Research Data project at Harvard University held a workshop titled "Integrating Approaches to Privacy across the Research Data Lifecycle." Over forty leading experts in computer science, statistics, law, policy, and social science research convened to discuss the state of the art in data privacy research. The resulting conversations centered on the emerging tools and approaches from the participants’ various disciplines and how they should be integrated in the context of real-world use cases that involve the management of confidential research data.

This workshop report, the first in a series, provides an overview of the long-term longitudinal study use case. Long-term longitudinal studies collect, at multiple points over a long period of time, highly-specific and often sensitive data describing the health, socioeconomic, or behavioral characteristics of human subjects. The value of such studies lies in part in their ability to link a set of behaviors and changes to each individual, but these factors tend to make the combination of observable characteristics associated with each subject unique and potentially identifiable.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Security Must Evolve to Be ‘All About the Data’

Security Must Evolve to Be ‘All About the Data’ | Higher Education & Information Security | Scoop.it

Instead of focusing on a device or a user, it would be, “only about the data – not about the device, not about the network. You need to protect it, own it, revoke it.”

 

To do that in the next five years, he said, would require three things: “First, encrypt it with enterprise key management. That’s fundamental to any BYOD strategy.

 

“Second, it has to reside in a virtual container that I control, like an embassy that is subject to my rules and my laws. Somebody else can’t repurpose it, send it out on an email or do anything with it.

 

Finally, he said, it would have to possess egress policies that control who can access it. “If I want to revoke the key, I can hit a red button and it doesn’t matter if the bytes are still there, you can’t read them,” he said, contending that if the National Security Agency had had that kind of control over its data, it could have prevented whistleblower Edward Snowden from stealing and passing on classified information to journalists.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Georgetown Law Launches Center on Privacy and Technology

Georgetown Law Launches Center on Privacy and Technology | Higher Education & Information Security | Scoop.it

Georgetown University Law Center Dean William M. Treanor is pleased to announce the establishment of the new Center on Privacy and Technology. The Center will bring Georgetown Law’s legal expertise to bear on privacy debates in federal and state legislatures, regulatory agencies and the academy. It will also train Georgetown Law students to be leaders in privacy practice, policymaking and advocacy. 

 

“We are in the midst of a debate about privacy that has the most profound importance, and the ways in which it is resolved will shape the most central aspects of our lives,” Treanor said. “The new Center on Privacy and Technology will ensure that our faculty and students stay at the forefront of that debate for years to come.”

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

A Tough Corporate Job Asks One Question: Can You Hack It?

A Tough Corporate Job Asks One Question: Can You Hack It? | Higher Education & Information Security | Scoop.it
To combat the growing threat of online breaches, companies and governments are hiring chief information security officers — whose main responsibility is to make sure data systems are secure.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

The CSO of the future

The CSO of the future | Higher Education & Information Security | Scoop.it
What skills, background and education does a security executive need if they want their career to evolve?
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Let's Get Ready for NCSAM 2014 | EDUCAUSE.edu

Let's Get Ready for NCSAM 2014 | EDUCAUSE.edu | Higher Education & Information Security | Scoop.it

National Cyber Security Awareness Month is just 3 months away. Have you started planning events and activities for your campus yet? Join EDUCAUSE and NCSA as we celebrate the 11th annual #NCSAM this October.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

8 ways the password is dying

8 ways the password is dying | Higher Education & Information Security | Scoop.it
From smartphones that know you’re near to tattoos and even pills, high-tech companies are busy replacing pesky strings of text with easier ways to authenticate. Check out the future here.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

10 Ways To 'Fix' Cybersecurity

10 Ways To 'Fix' Cybersecurity | Higher Education & Information Security | Scoop.it

Ten cyberexperts offer up their best ideas for stemming the threats we face when it comes to digital security.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

3 Strategies for the New Era of Enterprise Cybersecurity

3 Strategies for the New Era of Enterprise Cybersecurity | Higher Education & Information Security | Scoop.it

The pace of change for Information Technology is challenging established notions of "What is IT?" and "What is Information Security in the modern age?" For one example, the "new" data center technologies such as virtualization, Software-Defined Networking (SDN), service-oriented delivery models, and cloud computing have radically changed the typical IT infrastructure from a defined set of assets owned and controlled by the organization to a constantly fluctuating roster of resources that can come and go from IT department visibility and control.

 

As this has occurred, we have witnessed the equivalent of a Cambrian Explosion of new Internet-connected life forms--mobile devices, tablets, sensors, actuators, home appliances, monitoring systems, content access devices, and wireless terminals. Applications running on these devices range from recreation to services critical to the functioning of our social and economic infrastructure. Put it all together, and we expect that world population of Internet-connected devices will grow from today's 10 billion to over 50 billion by the year 2020.

 

From a security point of view, these IT changes, including the expansion of Internet-connected devices, lead to a corresponding increase in attack surface. Instead of the mission of protecting a reasonably known and enclosed IT perimeter, we now must be ready to secure any connected device humans can make against any threat a hacker can innovate. Clearly, using established security practices, except on a larger scale, will not suffice.

 

Plainly said, we need to think differently about cybersecurity.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

SANS Report: Central Admin Largest Security Risk for Higher Ed

SANS Report: Central Admin Largest Security Risk for Higher Ed | Higher Education & Information Security | Scoop.it
Maintaining security on campus may at times appear to be an intractable problem. Yet, a recent survey by the security-focused SANS Institute suggests that some schools may be bringing on their own problems.
Higher Ed InfoSec Council's insight:

Original SANS Report: https://www.sans.org/reading-room/whitepapers/analyst/higher-education-open-secure-35240

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

FCC Will Push Network Providers on Cybersecurity, Wheeler Says

FCC Will Push Network Providers on Cybersecurity, Wheeler Says | Higher Education & Information Security | Scoop.it
If private companies don't improve their security efforts, the agency will step in with regulations, the FCC's chairman said
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Here's One Big Way Your Mobile Phone Could Be Open To Hackers

Here's One Big Way Your Mobile Phone Could Be Open To Hackers | Higher Education & Information Security | Scoop.it
Unsecure Wi-Fi networks have been a well-known vulnerability in the tech industry for years. They can let even an unsophisticated hacker capture your traffic and possibly steal your identity.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Will Too Much Data Blind You to a Data Breach on Your Network? | Innovation Insights | Wired.com

Will Too Much Data Blind You to a Data Breach on Your Network? | Innovation Insights | Wired.com | Higher Education & Information Security | Scoop.it

Certainly, you have a security system or two deployed in your network. These systems, such as Intrusion Prevention Systems (IPS) or next generation firewalls (NGFW), alert you of suspicious activity on a daily basis. Furthermore, you are probably compliant to whatever your industry mandates such as PCI. Well so are your peers, which begs the question of why so many organizations continue to get breached?

 

I would posit this is another case of not keeping up with the times. Let’s face it, when was the last time you evaluated your security infrastructure to determine if it could withstand the most recent threats?

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

National Cybersecurity Awareness Month is Coming Up Quickly!

National Cybersecurity Awareness Month is Coming Up Quickly! | Higher Education & Information Security | Scoop.it

October is National Cyber Security Awareness Month (NCSAM) and it is coming up quickly!

 

Please let us know if your campus is planning any events or activities in October. We are creating a list of 2014 campus events and we’d like to include as many higher education institutions as possible in our NCSAM Resource Kit. Feel free to share the URL or your plans with this list, or send an e-mail directly to security-council@educause.edu.

 

The Higher Education Information Security Council (HEISC) has also compiled a number of FREE educational materials that can be adapted for use at your institution in our Cybersecurity Awareness Resource Library. Or if your institution is seeking a presenter, we have a Speakers Bureau.

 

All of the resources mentioned above can be found on our NCSAM website: http://www.educause.edu/ncsam. We look forward to hearing from you and learning about what your institution is doing to promote the 11th annual National Cyber Security Awareness Month!

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Some Things Should Be Banned from the Internet of Things

Some Things Should Be Banned from the Internet of Things | Higher Education & Information Security | Scoop.it

The unknown danger in connecting an increasing number of analog objects, such as light bulbs, to the Web is worrying policy advisers.


The "Internet of Things” just might have too many things, says Richard Danzig, a member of the Defense Policy Board and the President’s Intelligence Advisory Board. 

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

6 steps to win executive support for security awareness programs

6 steps to win executive support for security awareness programs | Higher Education & Information Security | Scoop.it

Obtaining C-Level support for security awareness programs can be tough, so Ira Winkler and Samantha Manke share a handful of tips for appealing to the executives in your organization.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

No money, no problem: Building a security awareness program on a shoestring budget

No money, no problem: Building a security awareness program on a shoestring budget | Higher Education & Information Security | Scoop.it
Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

The 5 Biggest Cybersecurity Myths, Debunked | Opinion | WIRED

The 5 Biggest Cybersecurity Myths, Debunked | Opinion | WIRED | Higher Education & Information Security | Scoop.it
While the Internet has given us the ability to run down the answer to almost any question, cybersecurity is a realm where past myth and future hype often weave together, obscuring what actually has happened and where we really are now. If we ever want to get anything effective done in securing the online world, we have to demystify it first.
more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

Technology in LED smart lights raises privacy concerns

Technology in LED smart lights raises privacy concerns | Higher Education & Information Security | Scoop.it
A California company has found as way to turn energy-saving LED bulbs into smart networks that can collect and feed data
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Watch the Web Get Hacked in Real Time on this Mesmerizing Map

Watch the Web Get Hacked in Real Time on this Mesmerizing Map | Higher Education & Information Security | Scoop.it

The constant barrage of headlines trumpeting high-profile security breaches makes it easy to understand at a high level that hack attacks are on the rise, but mere words alone don't truly convey the scope of the constant threats. A mesmerizing example of data visualization by computer security firm Norse lets you see penetration attempts in real time, via a DEFCON-esque map that feels like it was ripped right from the old WarGames movie.

 

Witnessing the constant ping-ping-ping of individual penetration attempts is hypnotic. If you watch long enough, the map will explode in a frenzy of color, as coordinated mass-hack attacks blast across the globemost often out of China, and often pointed toward the U.S. The U.S. itself is the steady number two on the map's "Attack Origins" list, however.

Higher Ed InfoSec Council's insight:

Also see the Smithsonian's article showing the map: http://www.smithsonianmag.com/smart-news/nets-dark-side-watch-people-try-hack-each-other-live-180951823/?no-ist

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

7 tips for protecting your AWS cloud

7  tips for protecting your AWS cloud | Higher Education & Information Security | Scoop.it
Code Spaces was hacked and had to shut down - what can you learn from this?
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Today's Top Skill Sets in Security -- and Why They're in Demand

Today's Top Skill Sets in Security -- and Why They're in Demand | Higher Education & Information Security | Scoop.it
The old adage that the only thing that's constant is change certainly applies to the world of information security. Whether it's the ever-shifting threat scenarios or the technologies designed to thwart them, new developments seem to be happening all the time.

 

Because of the dynamic nature of the security discipline, the skills organizations and their security programs need are also continually changing.

 

We checked in with a number of security executives, industry analysts and recruitment specialists to find out what they see as the most in-demand skills today and in the coming months. Here are some areas they noted.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Another Higher-Ed Data Breach, This Time at a University Press

Another Higher-Ed Data Breach, This Time at a University Press | Higher Education & Information Security | Scoop.it

Duke University Press alerted users on Tuesday that its website had suffered a “security incident.” In an email blast to people with site accounts, the publisher said that usernames and encrypted passwords had been exposed as a result of the breach but that no financial information had been compromised.

 

According to a spokeswoman, the press learned of the breach on May 29 and had been working with the university’s Office of Information Technology in the weeks since then to gauge the extent of the damage.

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

The Privacy Paradox, a Challenge for Business

The Privacy Paradox, a Challenge for Business | Higher Education & Information Security | Scoop.it
A new global survey of consumers found that businesses — more than hackers or government — are seen as a threat to the privacy of personal information.
more...
No comment yet.