1 / 8

Higher Education Information Security Council

Higher Education Information Security Council. David Swartz Chief Information Officer American University. HEISC Background. Hosts: EDUCAUSE and Internet2 History: Serving higher education since 2000

Télécharger la présentation

Higher Education Information Security Council

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Higher Education Information Security Council David Swartz Chief Information Officer American University

  2. HEISC Background Hosts: EDUCAUSE and Internet2 History: Serving higher education since 2000 Mission: to improve information security and privacy across the higher education sector by actively developing and promoting effective practices and solutions for the protection of critical IT assets and infrastructures.

  3. Activities • Security Discussion Group • Working Groups • People: awareness and training • Process: compliance, policies, risk, governance • Technology: effective practices and solutions • Professional Development • Annual Security Professionals Conference • SANS-EDU Partner Series • Collaborations and Partnerships • Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) • Center for Internet Security • . . . and more

  4. HEISC Strategic Plan Theme: Safeguarding Our IT Assets, Protecting Our Community’s Privacy Goals: • Obtain Executive Commitment and Action • Manage Data to Enhance Privacy and Security Protections • Develop and Promote Effective Practices and Solutions • Explore New Tools and Technologies • Establish and Promote Information-Sharing Mechanisms

  5. Special Projects • Confidential Data Handling Blueprint • Guidelines for Data and Media Sanitization • Toolkit for Electronic Records Management, Data Retention, and e-Discovery • Information Security Governance • Risk Management Framework • Security Awareness Poster/Video Contest • National Cybersecurity Awareness Month • Security Metrics

  6. Risk Management Compliance Security Policy Organization of Information Security Asset Management Human Resources Security Physical and Environmental Security Communications and Operations Management Access Controls Information Systems Acquisition, Development, and Maintenance Incident Management Business Continuity Management Effective Security Practices Guide

  7. Call to Action • Attend • Security Professionals ConferenceApril 12-14, 2010, Atlanta, Georgianet.educause.edu/conference/security • Contribute • Submit an Effective Practice and Solutionwww.educause.edu/security/guide • Join • Discussion Group: www.educause.edu/groups/security • REN-ISAC: www.ren-isac.net • Volunteer • Send an email to security-volunteer@educause.edu

  8. For More Information • Visit: • Higher Education Information Security Councilhttp://www.educause.edu/security • Contact: • David Swartz, American University, HEISC Co-Chairdswartz@american.edu • Brian Voss, LSU, HEISC Co-Chairbvoss@lsu.edu • Peter Siegel, UC-Davis, HEISC Co-Chairpmsiegel@ucdavis.edu • Rodney Petersen, EDUCAUSE, HEISC Staffrpetersen@educause.edu

More Related