80 likes | 94 Views
Higher Education Information Security Council. David Swartz Chief Information Officer American University. HEISC Background. Hosts: EDUCAUSE and Internet2 History: Serving higher education since 2000
E N D
Higher Education Information Security Council David Swartz Chief Information Officer American University
HEISC Background Hosts: EDUCAUSE and Internet2 History: Serving higher education since 2000 Mission: to improve information security and privacy across the higher education sector by actively developing and promoting effective practices and solutions for the protection of critical IT assets and infrastructures.
Activities • Security Discussion Group • Working Groups • People: awareness and training • Process: compliance, policies, risk, governance • Technology: effective practices and solutions • Professional Development • Annual Security Professionals Conference • SANS-EDU Partner Series • Collaborations and Partnerships • Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) • Center for Internet Security • . . . and more
HEISC Strategic Plan Theme: Safeguarding Our IT Assets, Protecting Our Community’s Privacy Goals: • Obtain Executive Commitment and Action • Manage Data to Enhance Privacy and Security Protections • Develop and Promote Effective Practices and Solutions • Explore New Tools and Technologies • Establish and Promote Information-Sharing Mechanisms
Special Projects • Confidential Data Handling Blueprint • Guidelines for Data and Media Sanitization • Toolkit for Electronic Records Management, Data Retention, and e-Discovery • Information Security Governance • Risk Management Framework • Security Awareness Poster/Video Contest • National Cybersecurity Awareness Month • Security Metrics
Risk Management Compliance Security Policy Organization of Information Security Asset Management Human Resources Security Physical and Environmental Security Communications and Operations Management Access Controls Information Systems Acquisition, Development, and Maintenance Incident Management Business Continuity Management Effective Security Practices Guide
Call to Action • Attend • Security Professionals ConferenceApril 12-14, 2010, Atlanta, Georgianet.educause.edu/conference/security • Contribute • Submit an Effective Practice and Solutionwww.educause.edu/security/guide • Join • Discussion Group: www.educause.edu/groups/security • REN-ISAC: www.ren-isac.net • Volunteer • Send an email to security-volunteer@educause.edu
For More Information • Visit: • Higher Education Information Security Councilhttp://www.educause.edu/security • Contact: • David Swartz, American University, HEISC Co-Chairdswartz@american.edu • Brian Voss, LSU, HEISC Co-Chairbvoss@lsu.edu • Peter Siegel, UC-Davis, HEISC Co-Chairpmsiegel@ucdavis.edu • Rodney Petersen, EDUCAUSE, HEISC Staffrpetersen@educause.edu