1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George...
-
Upload
ronald-ferguson -
Category
Documents
-
view
213 -
download
0
Transcript of 1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George...
1
Institutions as Allies in the Institutions as Allies in the Security Challenge Security Challenge
Wayne Donald, Virginia TechCathy Hubbs, George Mason University
Darlene Quackenbush, James Madison UniversityShirley Payne, University of Virginia
2005 EDUCAUSE ConferenceOctober 20th, 2005
Copyright Wayne Donald, Cathy Hubbs, Darlene Quackenbush, Shirley Payne; 2005. This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.
2
AgendaAgenda
The why and what of the alliance Products and services Creation, support, and strategies for success Benefits realized Q&A
3
The Why & What The Why & What of the Allianceof the Alliance
Wayne Donald
Information Technology Security Officer
Virginia Tech
4
Events Influencing FormationEvents Influencing Formation
Cooperative efforts were already underway among four institutions
Governor Mark Warner charged higher education to help meet cybersecurity goals
Development of Higher Education CIO’s plan for supporting Virginia IT strategic plan
JMU and GMU cybersecurity research centers’ charge to assist State in meeting security goals
5
VVirginiairginia
AAlliance forlliance for
SSecureecure
CComputingomputing
AAnd nd
NNetworkingetworking
6
PurposePurpose
Strengthen security programs across Virginia higher education by integrating and making available field-proven tools, best practices,
and people from VA SCAN partner institutions
Establish links to security research, instruction, and federal/state government initiatives to enhance security opportunities
7
VA SCANVA SCAN
The alliance brings together
Virginia higher education security practitioners, who develop and maintain security programs emulated by other institutions, and
Researchers responsible for creating cybersecurity instruction and research programs nationally recognized for excellence
8
Current VA SCAN PartnersCurrent VA SCAN Partners Security Practitioners at
George Mason University James Madison University University of Virginia Virginia Tech
Security Researchers at Institute for Infrastructure and Information Assurance
(JMU) Center for Secure Information Systems (GMU) Critical Infrastructure Protection Project (GMU/JMU)
9
StatusStatus
Endorsed by Higher Education CIO’s Group and University Presidents
First products and services were made available March 2003
Assisted other State institutions in defining and organizing security programs
Additional products and services under development with input from “user” institutions
10
Products & ServicesProducts & Services
Cathy Hubbs
Information Technology Security Coordinator
George Mason University
11
Present OfferingsPresent Offerings Full service website http://vascan.org
Consulting “Ask the Expert” email service On–site engagements
Annual conference and SANS workshop
12
Present OfferingsPresent Offerings Information resources:
Security instructional materials Moderated mail list for general security
discussions VA-CIRT group for tracking new threats
Compliance Checklist for State of Virginia
Web-based toolkit of tools & best practices
13
Creation, Support, & Creation, Support, & Strategies for SuccessStrategies for Success
Shirley Payne
Director for Security Coordination & Policy
University of Virginia
14
Set-up StepsSet-up Steps(May 2002 – February 2003)(May 2002 – February 2003)
Developed concept paper Held monthly half-day planning sessions Developed formal charter Identified best practices and training
materials Designed and implemented website Developed operating procedures Planned and executed communication and
marketing efforts
15
Ongoing Support EffortsOngoing Support Efforts
Monthly meetings to share information and plan new activities
Website content enhancement Mail list activity Consulting & training engagements Conference/workshop planning & delivery Promotion
16
Strategies for SuccessStrategies for Success
Support of Commonwealth of Virginia’s IT agency
Support of partner institutions’ executives Long history of collaboration among partners Linkage of security research and practice in the
field We’re filling a critical need Continuous service enhancement is a priority Services offered are within staffing/funding
means
17
Strategies for SuccessStrategies for Success Our principles:
We teach and guide clients to develop and maintain strong security programs
We base offerings on state and federal standards Offerings balance security risks with other
organizational priorities. We promote security being integrated into everything
an organization does. We use research to keep offerings on the cutting
edge. Cooperation among Alliance members transcends
competition.
18
Benefits RealizedBenefits Realized
Darlene Quackenbush
University Information Security Officer
James Madison University
19
Benefits RealizedBenefits Realized
Saves time and improves quality
20
Benefits RealizedBenefits Realized
Saves time and improves quality Reduces security training costs
21
Benefits RealizedBenefits Realized
Saves time and improves quality Reduces security training costs Helps avoid costs
22
Benefits RealizedBenefits Realized
Saves time and improves quality Reduces security training costs Helps avoid costs Greater influence
23
Benefits RealizedBenefits Realized
Saves time and improves quality Reduces security training costs Helps avoid costs Greater influence BUILDS RELATIONSHIPS
24
Governor’s Technology Award Winner
September, 2003
EDUCAUSE Excellence in Information Technology Solutions Award Winner
October, 2005
25
http://vascan.org
Wayne Donald, Virginia [email protected]
Cathy Hubbs, George Mason [email protected]
Shirley Payne, University of [email protected]
Darlene Quackenbush, James Madison [email protected]