Higher Education & Information Security
5.1K views | +0 today
Follow
Higher Education & Information Security
Information Security and Cybersecurity in Higher Education
Your new post is loading...
Your new post is loading...
Scooped by Higher Ed InfoSec Council
Scoop.it!

FCC Issues Security Guidance to Smartphone Users

FCC Issues Security Guidance to Smartphone Users | Higher Education & Information Security | Scoop.it

"The U.S. Federal Communications Commission is advising smartphone users on how to protect their mobile devices and data from mobile security threats.

 

The Commission released an online tool called the "Smartphone Security Checker" [recently] that outlines a 10-step action plan that mobile users can follow to prevent their personal data from being exposed in case their devices get infected with malware or are lost, stolen or resold."

Higher Ed InfoSec Council's insight:

Check out the Smartphone Security Checker at: http://www.fcc.gov/smartphone-security

Select from one of four operating systems to generate a checklist.

more...
Higher Ed InfoSec Council's comment, December 21, 2012 11:54 AM
Also available: a general smartphone security checklist: http://www.fcc.gov/sites/default/files/smartphone_master_document.pdf
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

Online privacy’s new iconography

Online privacy’s new iconography | Higher Education & Information Security | Scoop.it

"What are sites really doing with your personal data? A new visual rating system is here to help

 

The online syndicate Disconnect has joined forces with Internet nonprofit Mozilla and a team of designers to demystify web privacy for the masses. Their weapon of choice? A visual rating system that pops up in your browser bar. Since reading the fine print on how your personal information gets used is time-consuming and confusing, which is why you don’t do it. As a result, average web surfers (Hi!) has absolutely no idea what information sites are mining for, or how they use it. That’s where the icons come in."

more...
Higher Ed InfoSec Council's curator insight, December 19, 2012 4:46 PM

It will be interesting to see which privacy icon effort takes off.

 

ACT has recently introduced App Privacy Icons: http://actonline.org/act-blog/archives/2674.

 

And an article earlier this year highlighted a project by Yale students where they created privacy icons similar to the Creative Commons icons: http://boingboing.net/2012/05/08/privacy-icons-similar-to-creat.html

Higher Ed InfoSec Council's comment, December 21, 2012 2:29 PM
Here is a related article on the icons developed by Mozilla and Disconnect: http://www.fastcodesign.com/1671442/a-system-of-icons-for-demystifying-online-privacy#1
Scooped by Higher Ed InfoSec Council
Scoop.it!

5 tips to retain great security talent

5 tips to retain great security talent | Higher Education & Information Security | Scoop.it
You want the best on your security team. And once you've got them, you want to keep them happy and keep them in your organization.

Three security career and management experts weigh in on what security managers need to do to retain top-notch security talent.

First, figure out whether you have the right team...
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

IBM Researcher Devises 'Identity Mixer' For Online Privacy

IBM Researcher Devises 'Identity Mixer' For Online Privacy | Higher Education & Information Security | Scoop.it
A scientist at IBM (NYSE:IBM) in Zurich has devised Identity Mixer, which he believes can solve online privacy issues.
more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

Uncle Sam is drunk on data, pooh-poohing privacy

Uncle Sam is drunk on data, pooh-poohing privacy | Higher Education & Information Security | Scoop.it
Newly leaked documents reveal how much data the government is gathering on innocent Americans. The answer: A lot

Are you being watched? Listened to? Spied upon? You don't have to catch too many episodes of "Homeland" to believe that. You just have to follow the news and connect the dots.

Anyone who's been paying attention to the growing surveillance industrial complex knows about the uber-secret $2 billion data storage and analysis facility being built in the Utah desert. (In fact, one of my readers says she was asked to sign on to that project, which began shortly after 9/11.) That facility is scheduled to go online in September 2013.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Putting Cyber Warfare Into Perspective | SecurityWeek.Com

Putting Cyber Warfare Into Perspective | SecurityWeek.Com | Higher Education & Information Security | Scoop.it
Cyberwar is not war in and of itself. It is not even another battlefield. Nor is it as novel as some people claim. It is just a logical conclusion and evolution of the widespread adoption of computers and technology in modern culture.
more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

'How-To' for De-Identification of Health Data is Good First Step; More Work Needed | Center for Democracy & Technology

'How-To' for De-Identification of Health Data is Good First Step; More Work Needed | Center for Democracy & Technology | Higher Education & Information Security | Scoop.it

"A decision out of the Department of Health and Human Services, Monday, took a good first step toward achieving a better quality, less expensive health care system that carries the added benefit of better protections for individual patient health records.  That move was the issuance of long overdue guidance for methods of de-identifying data gleaned from public health records, as required by federal law.

 

Access to the vast amounts of health data increasingly available as the nation continues to roll out its all digital health information network will provide the opportunity for the kind of rigorous data analysis that is critical if the U.S. is to realize the promise of a lower cost, better quality health care system. It is just as critical that the privacy of the individuals from which that data is drawn is protected in a way that invokes trust in the system."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from The Daily Information Security Dose
Scoop.it!

They got me!

They got me! | Higher Education & Information Security | Scoop.it

"Being a security professional is sometimes a difficult thing. Everybody expects you to be wise in terms of security, threats, knowing all different kinds of attacks and so on. Being phished yourself as a security pro will make people worry even more and they ask seriously how this could happen."


Via Joerg Asma
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

CyberCity allows government hackers to train for attacks

CyberCity allows government hackers to train for attacks | Higher Education & Information Security | Scoop.it

"CyberCity has all the makings of a regular town. There’s a bank, a hospital and a power plant. A train station operates near a water tower. The coffee shop offers free WiFi.

 

But only certain people can get in: government hackers preparing for battles in cyberspace." 

 

 

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Making Metrics Matter to the C-Suite (leave IT-centric focus behind)

Making Metrics Matter to the C-Suite (leave IT-centric focus behind) | Higher Education & Information Security | Scoop.it
Phil Gardner of IANS explains why security needs to rethink metrics and leave the IT-centric focus behind...

 

"Ultimately, what I am proposing is two distinct sets of metrics. The first is a set of strategic metrics that CISOs can present to the C-suite. These should focus on how information security is directly helping revenue go up, costs go down, or both. The second set should be operational metrics that help you run your department. Don't confuse the two and dont try to make one into the other."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Schneier on Security: E-Mail Security in the Wake of Petraeus

Schneier on Security: E-Mail Security in the Wake of Petraeus | Higher Education & Information Security | Scoop.it

Bruce Schneier has "been reading lots of articles discussing how little e-mail and Internet privacy we actually have in the U.S."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Cybersecurity Bill’s Outlook Still Bleak

Cybersecurity Bill’s Outlook Still Bleak | Higher Education & Information Security | Scoop.it

"When sweeping cybersecurity legislation failed to advance in the Senate in August, it went down with a barrage of finger-pointing and posturing. And aides from both parties say that nothing really has changed since it was filibustered.

 

Senate Majority Leader Harry Reid, D-Nev., is looking to revive the Cybersecurity Act as soon as this week, which seems optimistic given that he had also promised to take up the bill at the beginning of 2012; it didn’t hit the floor until July."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Rethinking the Computer at 80

Rethinking the Computer at 80 | Higher Education & Information Security | Scoop.it
Dr. Neumann, an 80-year-old computer scientist at SRI International, is leading an effort to redesign computers and software from a “clean slate” to make them more secure.

 

"[Dr. Neumann] is leading a team of researchers in an effort to completely rethink how to make computers and networks secure, in a five-year project financed by the Pentagon’s Defense Advanced Research Projects Agency, or Darpa, with Robert N. Watson, a computer security researcher at Cambridge University’s Computer Laboratory.

 

'I’ve been tilting at the same windmills for basically 40 years,' said Dr. Neumann recently... 'And I get the impression that most of the folks who are responsible don’t want to hear about complexity. They are interested in quick and dirty solutions.'”

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

Instagram Proves We Care More About Pictures Than Personal Data

Instagram Proves We Care More About Pictures Than Personal Data | Higher Education & Information Security | Scoop.it
We seem to accept that Facebook and Pinterest hand off our personal data to advertisers, but a virtual angry mob gathers at the mere idea that Instagram might use people's pictures in advertising.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

How do you keep talented security staff at your organization?

How do you keep talented security staff at your organization? | Higher Education & Information Security | Scoop.it
Of course everyone wants more money. But are there other job-satisfaction measurements staff may use that will keep them in your security department?
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

The Only 2013 Cybersecurity Predictions List You Need to Read

The Only 2013 Cybersecurity Predictions List You Need to Read | Higher Education & Information Security | Scoop.it
CIO.com blogger Constantine von Hoffman compiled and condensed all the painfully-obvious and self-serving 2013 cybersecurity-threat-prediction lists on the Web into a single tasty nugget.
more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

Instagram and Facebook’s ad policy change could compromise privacy for teens

Instagram and Facebook’s ad policy change could compromise privacy for teens | Higher Education & Information Security | Scoop.it
Instagram’s policy changes may let advertisers use teenagers’ photos for marketing, raising privacy and security concerns.
more...
Scooped by Higher Ed InfoSec Council
Scoop.it!

Smart TV hack highlights risk of 'The Internet of Everything'

Smart TV hack highlights risk of 'The Internet of Everything' | Higher Education & Information Security | Scoop.it
A smart TV is only as smart as the person controlling it. So if the person in control is a hacker, the owner could have a problem. Researchers at security consultancy ReVuln say some smart TVs are vulnerable to hacking.

It is another example of what experts say is the ever-expanding attack surface of devices that traditionally never faced the Internet, but are now "smart."

The researchers at the Malta-based company said they found a vulnerability in a number of smart TVs made by Samsung Electronics that gave them root access to the TV and any attached USB drives.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Ira Winkler: Stupid users, or stupid infosec?

Ira Winkler: Stupid users, or stupid infosec? | Higher Education & Information Security | Scoop.it
When security professionals see stupidity all around them, shouldn't they ask themselves whether it's their own precautions that are lacking?
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

The (Encryption) Key to Dealing with Data Insecurity

The (Encryption) Key to Dealing with Data Insecurity | Higher Education & Information Security | Scoop.it
Valuable data stored in the cloud is sure to be a target. What can be done to make it harder to steal?

 

"I will leave it to the experts to sort out the technical details regarding best practices, but my sense is that the standardization of cloud-based encryption will help resolve a number of operational and legal challenges facing providers and customers (subject to the lawyers identifying new issues created by its implementation)."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

How Did I Get Hacked and Why Didn't Facebook Help?

How Did I Get Hacked and Why Didn't Facebook Help? | Higher Education & Information Security | Scoop.it

"It was Monday night. My wife, Paula and I decided to watch “The Big Country,” a corny classic that we both love. It was a night for the two of us, so I intentionally left the iPhone and iPad in the office upstairs. As I’ve said before, always on is sometimes too much.

 

I didn’t know that on Monday night, I was still on even as I sat in another room watching cowboys fight a range war. I ignored the phone when it rang, and I was unaware that I getting about a dozen alarmed messages from friends.

 

After Gregory Peck and Jean Simmons rode off into the sunset, I checked my voice mail. It was Robert Scoble. His terse message altered my reality of the moment. “You’ve been hacked! You should stop visiting dangerous sites.” Then a pause. “You should know better."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

White House moves on cybersecurity

White House moves on cybersecurity | Higher Education & Information Security | Scoop.it

"The White House’s strategy on cybersecurity: Co-opt the opposition. The Obama administration is crafting an executive order designed to keep the country’s most important digital systems safe from hackers and spies — a new regulatory burden sure to make many in industry recoil.

 

So the White House is bringing in key players for meetings now — getting early input that the feds hope will make any new rules easier to enforce and voluntary pieces more likely to produce results."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Kill the Password: Why a String of Characters Can't Protect Us Anymore

Kill the Password: Why a String of Characters Can't Protect Us Anymore | Higher Education & Information Security | Scoop.it

"You have a secret that can ruin your life. It’s not a well-kept secret, either. Just a simple string of characters—maybe six of them if you’re careless, 16 if you’re cautious—that can reveal everything about you.

 

Your email. Your bank account. Your address and credit card number. Photos of your kids or, worse, of yourself, naked. The precise location where you’re sitting right now as you read these words. Since the dawn of the information age, we’ve bought into the idea that a password, so long as it’s elaborate enough, is an adequate means of protecting all this precious data. But in 2012 that’s a fallacy, a fantasy, an outdated sales pitch. And anyone who still mouths it is a sucker—or someone who takes you for one.

 

No matter how complex, no matter how unique, your passwords can no longer protect you."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Employees Engage in Rogue Cloud Use Regardless of Security Policies

Employees Engage in Rogue Cloud Use Regardless of Security Policies | Higher Education & Information Security | Scoop.it

"Studies show that employees are engaging in rogue use of the cloud, even when IT organizations say they have clear formal cloud policies and penalties for violation of the policies.

 

In a survey of about 500 companies across a range of industries and sizes, Symform found that nearly 20 percent of businesses have no clear security policies or standards around employee or departmental use of cloud. Of the 39 percent of IT organizations that say they are not using the cloud, 65 percent said they allow employees or teams to use cloud services and 35 percent allow employees to put company data in cloud applications."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Privacy
Scoop.it!

IT professionals say social networking is number one risk to information security - Computer Business Review

IT professionals say social networking is number one risk to information security - Computer Business Review | Higher Education & Information Security | Scoop.it
Research reveals that social networking and mobile are the biggest security concerns for UK enterprises...

Via Justyna LaPay, Higher Ed InfoSec Council
more...
No comment yet.