Higher Education: Open and Secure? A SANS Survey
- Tuesday, June 17th, 2014 at 1:00 PM EDT (17:00:00 UTC)
- Randy Marchany, Patrick Bedwell, Paul Asadoorian, and Christopher Budd
You can now attend the webcast using your mobile device!
Higher education has always balanced the need for open accessibility with the need to secure employee and student private data and internal data and networks. These institutions have been forerunners in enabling use of personally owned devices, given the open nature of campuses and the many such devices used by students, faculty and others.
Today, institutions of higher education are becoming more focused on granting more granular, but secure, access from a wider variety of mobile applications, a task that must be completed while protecting personal records, many of which are regulated by FERPA, GLB, SOX, ITAR, HIPAA and other regulations. Institutions must protect academic records, instructional and research data, including intellectual property accessed via student, administrative or research networks.
Although higher education IT groups may be forerunners in anywhere, anytime access, they've done so without the personnel, tools and financial resources that most commercial enterprises have at their disposal. How do higher education IT groups stretch their security dollars? What's their next focus in terms of protection?
Attend this webcast and find out how institutions continue to maintain a balance between the open nature of the academic world and the increasing security concerns and threats to sensitive and regulated data stored on a growing array of user devices. Based on survey responses, this survey will provide a benchmark for determining the state of vulnerability and the security of higher education IT assets and the sensitive data they may contain.
Click here to view the associated whitepaper.
Randy is the Chief Information Security Officer of Virginia Tech and the Director of Virginia Tech's IT Security Laboratory. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident Response: Step-by-Step guides. He is a member of the Center for Internet Security development team that produced and tested the CIS Solaris, HPUX, AIX, Linux and Windows2000/XP security benchmarks and scoring tools. He was a member of the White House Partnership for Critical Infrastructure Security working group that developed a Consensus Roadmap for responding to the DDOS attacks of 2000.
Patrick Bedwell has 17 years of experience in the network security and network management industries. He is the vice president of product marketing at AlienVault, responsible for creating and executing the go-to-market strategy for AlienVault's Unified Security Management products. Previously, Patrick was VP of product marketing at Fortinet and has held product marketing and product management leadership positions at Arcot Systems, McAfee, SecurityFocus, Network ICE and Network General. Patrick earned an MBA with honors from Santa Clara University and a BA in English from the University of California, Berkeley.
Paul Asadoorian is the founder of PaulDotCom (http://pauldotcom.com), an organization responsible for publishing award-winning podcasts, blogs and videos on the topics of information security and hacking. Paul's day job as the product evangelist for Tenable Network Security, keeps him busy showcasing cool vulnerability scanning technology through blogs, podcasts and videos. Paul has a background in penetration testing, embedded device hacking, and is the co-author of two books: WRT54G Ultimate Hacking and the latest publication titled Offensive Countermeasures: The Art Of Active Defense.
Christopher Budd is a global threat communications manager with Trend Micro, where he focuses on communications around online security and privacy threats to help people understand the risks they face and what they can do about them. In addition, he focuses on managing crisis communications utilizing the framework and processes he helped put in place. Prior to joining Trend Micro, Christopher worked as an independent consultant focused on helping clients build crisis communications frameworks for online security and privacy incidents. He draws on his 10 years of experience at Microsoft Corporation, where he oversaw and managed worldwide internal and external communications around security and privacy incidents.