
Friday
Oct 21st, 2011
8:30 AM - 9:20 AM
Meeting Room 108A
Eastern Time
The increase of security threats on campuses and the tightening of budgets require IT security programs to get creative. How do you balance the reactive work with the proactive initiatives? The University of Oklahoma will share its strategy for striking this balance and building a community around IT security.

Comments

Patch management isn't just for Operating Systems. Needs to be done for applications. #E11_SESS133 #EDU11

Community: generates advocacy of security program and buy-in. #E11_SESS133 #EDU11

CybSecurity Quick Ref: Given to faculty and staff. #E11_SESS133 #EDU11

"Just One Thing" awareness program with one tip per week for 10 weeks. #E11_SESS133 #EDU11

Next: IT Security PARTY! #E11_SESS133 #EDU11

Lifecycle of Malware Infection: Detect, Triage, Analysis, Fix. #E11_SESS133 #EDU11

Fix: Rebuild/wipe machine. (Don't forget MBR). Reimaging is best after wipe. #E11_SESS133 #EDU11

Triage: Look at logs for related alerts, look up virus common name, Secondary Scan from field. #E11_SESS133 #EDU11

Are you stuck in "Firefighting mode?" - Reactive cycle. #E11_SESS133 #EDU11

cost=cycles(Detection + Triage + e-rate(Analysis + Resolution)) #E11_SESS133 #EDU11

Make triage a specific process to reduce costs. #E11_SESS133 #EDU11

Teach IT-Techs how to determine if infections should be escalated to InfoSec. #E11_SESS133 #EDU11

Split analysis into 2 phases. If you don't pass phase 1, then go to phase 2 else just stop. #E11_SESS133 #EDU11 Reduces analysis time.

5 Why's by Sakichi Toyoda. Used by a team to find root causes to incidents. #E11_SESS133 #EDU11

