Higher Education ...
Follow
Find
5.0K views | +0 today
Higher Education & Information Security
Information Security and Cybersecurity in Higher Education
Your new post is loading...
Your new post is loading...
Scooped by Higher Ed InfoSec Council
Scoop.it!

How to Set Up Two-Factor Authentication for Facebook, Google, Microsoft, and More

How to Set Up Two-Factor Authentication for Facebook, Google, Microsoft, and More | Higher Education & Information Security | Scoop.it
No more excuses! Microsoft, Google, and Facebook make it easy to improve your account security with two-factor authentication. Here's how.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

12 LinkedIn mistakes IT pros make

12 LinkedIn mistakes IT pros make | Higher Education & Information Security | Scoop.it

Don't wait until you decide to leave your current job to update your LinkedIn profile. Take a few minutes now to make sure your profile showcases your accomplishments and skills. Here are some common mistakes to avoid, as well.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Infosecurity - NIST looks to fund cybersecurity R&D center

Infosecurity - NIST looks to fund cybersecurity R&D center | Higher Education & Information Security | Scoop.it

The US National Institute of Standards and Technology (NIST) is planning to sponsor a federally funded research and development center (FFRDC), a nonprofit organization that will act in support the National Cybersecurity Center of Excellence (NCCoE).

 

NIST announced that this is the first FFRDC solely dedicated to enhancing the security of the nation's information systems. It will work in conjunction with NCCoE, a public-private information-sharing collaboration that brings together experts from industry, government and academia – it was established in partnership with the state of Maryland and Montgomery County in February 2012. 

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

BYOD Lawsuits Loom as Work Gets Personal

BYOD Lawsuits Loom as Work Gets Personal | Higher Education & Information Security | Scoop.it
Will BYOD lead to a rash of lawsuits from employees who feel violated? Or maybe a headline-grabbing, class-action lawsuit? Your company better make sure it has an explicit terms-of-use BYOD agreement.
more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Mobile (Post-PC) in Higher Education
Scoop.it!

Why Your Next Phone Will Include Fingerprint, Facial, And Voice Recognition

Why Your Next Phone Will Include Fingerprint, Facial, And Voice Recognition | Higher Education & Information Security | Scoop.it
Though consumers have demanded a better way to secure their phones besides passwords, they may have had the answer all along without even knowing it: their body parts.

Via Stephen diFilipo
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Welcome to The New ‘Mobile Stack’

Welcome to The New ‘Mobile Stack’ | Higher Education & Information Security | Scoop.it

IT has gone from managing a highly controlled base of tools to trying to manage a far more heterogeneous mix of devices (smartphones, tablet computers, 3G/4G data cards, netbooks, tablets) running on any number of operating systems. Trying to control all these tools is becoming unnecessary: Cloud services and applications make most data accessible from any device running any OS. The mandate for IT? Shifting from old-school device management to the far more critical and strategic discipline of user management.

 

This new mandate — managing, enabling, and securing users’ mobile behavior — is now beginning to require its own suite of tools. However, as young and fractured as the market still is, most vendors still offer products and features that address just one part of a company’s mobile needs, rather than all of them. This à la carte approach to managing mobility means IT managers must piece together a complete stack that works for their company.

 

It’s a complex undertaking, given that no two companies manage mobility the same way. Companies may embrace bring-your-own-device programs, for instance, in a spectrum of ways — or not at all. Each company has its own unique approach to acquiring, distributing, funding, managing, and outfitting its employees’ mobile devices. And every company needs different apps and levels of security.

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

What Does a Five-Year-Old Know that Our Privacy Laws Don’t?

What Does a Five-Year-Old Know that Our Privacy Laws Don’t? | Higher Education & Information Security | Scoop.it

I have three children: twins Rachel and Abby, both age 16 and Jacob, age 14. While in my second year at Eli Lilly and Company nearly a decade ago, my wife, Melisa, had a medical procedure. Jake and I drove Melisa to the doctor’s office for the colonoscopy (although HIPAA does not apply, rules of matrimonial harmony do, so I have received a verbal consent for this disclosure). 

...

At that moment, Melisa, herself an Indiana University Law graduate, looked at me from the front passenger seat and said to me, the CPO of a major multi-national corporation, “Well, at least someone knows something about privacy.”

 

And that’s the point, isn’t it? Even a five year old has the basic wisdom to understand the idea of human dignity and those things that should be held privately. The concept of privacy is intuitive. It is pure.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Will 'Passthoughts' Replace Passwords?

Will 'Passthoughts' Replace Passwords? | Higher Education & Information Security | Scoop.it

Researchers from U.C. Berkeley say brain scan authentication is reliable enough to replace traditional passwords.

 

Rather than a using a password to gain access, a user would submit a “passthought,” generating a unique signal from brainwaves that may or may not prove difficult to duplicate by a hacker, Phys.org reported. The recent commercialization of external electroencephalogram (EEG) devices -- the researchers used a Neurosky MindSet, which connects wirelessly via bluetooth and costs about $100 -- makes this technology plausible.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Shodan: The scariest search engine on the Internet

Shodan: The scariest search engine on the Internet | Higher Education & Information Security | Scoop.it

Shodan is an Internet search engine capable of finding just about every connected thing imaginable.

 

"When people don't see stuff on Google, they think no one can find it. That's not true." That's according to John Matherly, creator of Shodan, the scariest search engine on the Internet.

 

Unlike Google, which crawls the Web looking for websites, Shodan navigates the Internet's back channels. It's a kind of "dark" Google, looking for the servers, webcams, printers, routers and all the other stuff that is connected to and makes up the Internet.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

How valuable are security certifications today?

How valuable are security certifications today? | Higher Education & Information Security | Scoop.it

Will investing your time in earning security-industry certifications ultimately mean more money in your paycheck? Which certifications are vital in today's job market?

 

Certifications should not be the end goal so much as a tool you can use in furthering your career, cautions Chris Brenton, an instructor at the SANS Institute.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

The Digital Arms Trade via The Economist

The Digital Arms Trade via The Economist | Higher Education & Information Security | Scoop.it

It is a type of software sometimes described as “absolute power” or “God”. Small wonder its sales are growing. Packets of computer code, known as “exploits”, allow hackers to infiltrate or even control computers running software in which a design flaw, called a “vulnerability”, has been discovered. Criminal and, to a lesser extent, terror groups purchase exploits on more than two dozen illicit online forums or through at least a dozen clandestine brokers, says Venkatramana Subrahmanian, a University of Maryland expert in these black markets. He likens the transactions to “selling a gun to a criminal”.

 

Just a dozen years ago the buying and selling of illicit exploits was so rare that India’s Central Bureau of Investigation had not yet identified any criminal syndicates involved in the trade, says R.K. Raghavan, a former director of the bureau. Underground markets are now widespread, he says. Exploits empower criminals to steal data and money. Worse still, they provide cyber-firepower to hostile governments that would otherwise lack the expertise to attack an advanced country’s computer systems, worries Colonel John Adams, head of the Marine Corps’ Intelligence Integration Division in Quantico, Virginia.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

HP Launches Free Service to Secure Mobile, Web Apps

HP Launches Free Service to Secure Mobile, Web Apps | Higher Education & Information Security | Scoop.it

HP says it now has a free service called "Fortify My App" that lets anyone building mobile or Web applications upload code to the Fortify software-as-a-service and get a limited analysis about whether the code has specific vulnerabilities or design flaws.

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

Hacker Creates Worldwide Map of Vulnerable Devices

Hacker Creates Worldwide Map of Vulnerable Devices | Higher Education & Information Security | Scoop.it

A hacker created a worldwide map of more than 100,000 vulnerable devices after “playing around” with a scripting tool. The “Carna” botnet was named after the Roman goddess that protected inner organs because it was “a good choice for a bot that runs mostly on embedded routers.” Carna ran from June to October last year and was allegedly never detected.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

FAQ: Phishing Tactics and How Attackers Get Away With it

FAQ: Phishing Tactics and How Attackers Get Away With it | Higher Education & Information Security | Scoop.it

Phishing attacks on enterprises can be calamitous in terms of compromised networks or damaged brand names, and the Anti-Phishing Working Group (APWG), which aggregates and analyzes phishing trends data worldwide, offers some of the best insight from industry into what's occurring globally in terms of this cybercrime. The following list of frequently asked questions about phishing is derived from the APWG's April report that covers the period July-December 2012 worldwide.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Indiana University & Internet2 announce new $2 million cybersecurity initiative to address public sector cyber threats

Indiana University & Internet2 announce new $2 million cybersecurity initiative to address public sector cyber threats | Higher Education & Information Security | Scoop.it

Indiana University Vice President and CIO Brad Wheeler and Internet2 President and CEO David Lambert today announced a $2 million initiative to stimulate collaboration in cybersecurity efforts by higher education institutions and to provide thought leadership on strategic cybersecurity issues nationally and globally.

 

Speaking at the Internet2 Annual Meeting in Arlington, Virginia, Lambert and Wheeler invited the presidents and CIOs of other colleges and universities to join as investors and sponsors of this initiative. They noted that the higher education sector is unique in having significant cyber activities in research, education, and operations. This initiative is intended to stimulate more collaboration among these activities to enable the higher education sector to make further contributions to the national efforts. This new collaboration will immediately launch a national search for an executive director with significant operational experience in cybersecurity in the higher education community.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

How Facebook Home Undermines Your Security

How Facebook Home Undermines Your Security | Higher Education & Information Security | Scoop.it

Facebook's recently launched Facebook Home app makes using the social network on Android smartphones much easier and smoother — but might also open up some important security holes.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

2013 Security Awareness Video & Poster Contest Winners Announced

2013 Security Awareness Video & Poster Contest Winners Announced | Higher Education & Information Security | Scoop.it

Nine winners of the 5th Annual Information Security Awareness Video and Poster Contest have been selected. The winning videos and posters are now available for colleges and universities to use in campus security awareness campaigns during National Cyber Security Awareness Month in October, student orientations, and throughout the year. 

 

This year's sponsors and supporters include: CyberWatch, the National Cyber Security Alliance, and Google. 

 

Visit the Information Security Guide's Cybersecurity Awareness Resource Library for more campus education, awareness, and training materials.

 

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Mobile (Post-PC) in Higher Education
Scoop.it!

Policymakers Guide - Security, Privacy & Safety | Microsoft Trustworthy Computing

Policymakers Guide - Security, Privacy & Safety | Microsoft Trustworthy Computing | Higher Education & Information Security | Scoop.it

Online security, privacy, and safety are often top concerns for policymakers. Microsoft is committed to addressing these concerns by sharing information, technology, and guidance. (Want to learn more about mobile devices & youth safety?


Via Stephen diFilipo
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Ted Leonsis: Top 13 Trends for 2013

Ted Leonsis: Top 13 Trends for 2013 | Higher Education & Information Security | Scoop.it
The economy will improve in 2013, with investors eager to deploy capital, but overvalued, overhyped companies are going to struggle to raise capital.

 

#3: Consumerization of IT leads to New Security Concerns, with Resulting Business Opportunities. As people live more and more in the cloud, security will take on a more personal bent—and become more important.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

The Analogies Project

The Analogies Project | Higher Education & Information Security | Scoop.it

The Analogies will be a source of content to enable those in private enterprise, academia and government to better communicate and understand the contribution of information security to the success and prosperity of nation states, organisations and citizens in the information economy. The content will be delivered through a variety of initiatives. Each initiative exploring alternative communication techniques, media and partners.

 

The Analogies Book is a series of analogies, based in fact, illustrating the relationship between life, information and information security.  The Text will be the primary source of almost all the Project’s activities.

The work of several authors, unified by a single editorial voice, The Analogies Book ranges the world and the centuries finding Analogies which have stories to tell that resonate and have lessons to teach us. The book will draw on the personal careers, lives, interests and knowledge of 20 successful and recognised individuals from outside of the information security domain across business, academia, entertainment, sport and government. They will draft stories, drawn from the past and present, and a small team of information security specialists will highlight the information security risks and draw the parallels with recognised best practise.

Higher Ed InfoSec Council's insight:

The mission of The Analogies Project is an interesting, and challenging, one. We look forward to seeing how this project develops over time. 

 

Mission

The Analogies Project has a clear mission. To tackle the unintelligibility of information security and to secure the interest, understanding and support of a broader audience across society, private enterprise, government and academia.

 

The Analogies Project will bridge the chasm and demolish the barrier between the users, stakeholders and beneficiaries of information security and those responsible for securing the information upon which our prosperity – and maybe even our lives – depend.

 

It will do this through a series of initiatives. Each will explore different communication techniques and platforms, as yet untried, in the pursuit of better awareness and understanding of the relationship between information security and prosperity within the information economy.

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

The 5 Biggest Online Privacy Threats of 2013

The 5 Biggest Online Privacy Threats of 2013 | Higher Education & Information Security | Scoop.it
Your Web-based life is under scrutiny, as businesses, law officials, and privacy advocates battle over how to protect your online data.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

CISOs: From no seat to multiple hats

CISOs: From no seat to multiple hats | Higher Education & Information Security | Scoop.it

The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance.

 

"If you have worked in information security for the past 15 years, you have witnessed a maturation in the mission of security that is quite remarkable. In its infancy, security was oftentimes viewed as the troglodytes at the end of the corridor, who focused on analyzing packet streams, firewall logs and anti-virus anomalies...

 

Fast forward to the current day, and you will see a new view of security in many enterprises: security is evolving towards a broader focus in risk management. The responsibility of traditional information security has not decreased in importance or duty, but the mindset and role has certainly become more risk-based in nature for security leaders and many current CISOs. And this is appropriate, as information security management at its core is the mitigation, transference, reduction and elimination of risk to the enterprise."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Infosecurity
Scoop.it!

Top 20 Worst Passwords [Infographic]

Top 20 Worst Passwords [Infographic] | Higher Education & Information Security | Scoop.it

Securing yourself from a world of hackers: How to avoid the most common and dangerous passwords.

 

In a recent survey conducted by ZoneAlarm, 79% of consumers were found to use risky password construction practices, such as using personal information and common words. Here are examples of these in order from the number one most commonly used password of all time.


Via Richard H Harris
more...
Richard H Harris's curator insight, March 29, 2013 12:16 PM

Some of the problems with passwords solved by Ensygnia's OneScan www.ensygnia.com

alexander knorr's curator insight, April 15, 2013 2:40 AM

add your insight...

More shares
Scooped by Higher Ed InfoSec Council
Scoop.it!

Smartphones Keep Traces of Files Sent to the Cloud

Smartphones Keep Traces of Files Sent to the Cloud | Higher Education & Information Security | Scoop.it
When smartphone users upload files to cloud-based services, remnants of those files often remain on their handheld device, even if the data is meant to be stored only in the cloud, researchers have found.

 

The consequence is that hackers could potentially access files stored in the cloud, or get access to cloud accounts, using leftover data stored on your Android device, iPhone or other smartphone.


The tracing of leftover data on smartphones is not for the layperson, Kothari says, but could be looked at as the modern-day equivalent of Dumpster-diving for personal information.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Online Dispute Becomes Internet-Snarling Attack

Online Dispute Becomes Internet-Snarling Attack | Higher Education & Information Security | Scoop.it

A squabble between a group battling spam and a Dutch company that hosts Web sites said to be sending it has escalated into an attack clogging up key online infrastructure worldwide.

 

Millions of ordinary Internet users have experienced delays in services like Netflix or could not reach a particular Web site for a short time.

 

However, for the Internet engineers who run the global network the problem is more worrisome. The attacks are becoming increasingly powerful, and computer security experts worry that if they continue to escalate people may not be able to reach basic Internet services, like e-mail and online banking.

more...
No comment yet.