-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Subscribe
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- Security Awareness [x]
- Security Implementation [x]
- Security Management [x]
- Cybersecurity (16)
- Security Planning (9)
- Policy and Law (8)
- Campus Policy and Law (7)
- Campus Policies (5)
- Information Technology Management and Leadership (5)
- Security Policies (5)
- Security Risk Assessment and Analysis (5)
- Data Classification Policies (2)
- Data Security (2)
- Information Systems and Services (2)
- Network Security and Applications (2)
- Privacy (2)
- Health Insurance Portability and Accountability Act (HIPAA) (1)
- Open Source (1)
- Planning (1)
- Risk Management (1)
Introduction
Awareness and training are critical at all stages and levels of information security. For example, upper management needs to learn about the institutional risks; users must be taught how to defend themselves against malicious code; system and network administrators require training to help them maintain and improve the security of the systems they oversee; and information security support staff must be well-versed in all of these areas and have a solid understanding of vulnerability assessment, intrusion detection, incident response, encryption, and authentication.
Resources Developed by the Higher Education Information Security Council (HEISC)
- Cybersecurity Awareness Resource Library
- Executive Security Awareness Resources
- Information Security Poster & Video Contest
- National Cybersecurity Awareness Month (NCSAM) Resource Kit
- National Cybersecurity Awareness Month (NCSAM) Sample Kit
- Security Awareness Quick Start Guide
- Security Awareness Detailed Instruction Manual
College and University Education and Awareness Programs and Resources
- Carnegie Mellon University Software Engineering Institute (SEI) CERT Coordination Center Resources for CSIRTs (Computer Security Incident Response Teams)
- George Mason University Security Awareness
- North Dakota State University ITS Training
- Rochester Institute of Technology Digital Self Defense Training
- Texas A&M University Security Awareness Training
- University of Arizona Information Security Awareness, Education, and Training
- University of Calgary Security Awareness Program
- University of Virginia Security Awareness
- Virginia Tech Awareness Training
Updated October 2012
Latest News
Find resources and see what other campuses are doing this October for NCSAM.
NCSAM article in the latest EDUCAUSE Review offers resources and suggestions for campuses to support security awareness efforts in October.
Library Items on this Topic
EDUCAUSE Library Items for Security Awareness
-
Starting from Scratch: IT Security at LSU
-
November 4, 2009
|
A session at the EDUCAUSE 2009 Annual Conference
LSU established an IT Security and Policy Office in the fall of 2005. This presentation will illustrate how LSU developed a strategy to tighten the security of its infrastructure by establishing po…
-
Georgia State University's IT Procurement Review Process--Practical Approach to Assessing Risks of IT Projects
-
March 17, 2011
In late 2005, the Security Review Policy was adopted by the University, which states "Where appropriate, information security personnel will conduct risk assessments of technologies/processe…
-
Security Metrics: A Solution in Search of a Problem
-
August 4, 2008
© 2008 Joel Rosenblatt. The text of this article is licensed under the Creative Commons Attribution-Share Alike 3.0 license ( http://creativecommons.org/licenses/by-sa/3.0/ ). EDUCAUSE Qu…
-
Security Standards: Complexity Is the Enemy of Security
-
March 12, 2008
|
A session at the NERCOMP Annual Conference 2008
Everyone wants to know how to "be secure." The myriad higher ed compliance requirements, coupled with a constantly dynamic attacker strategy, have made this question more difficult than e…
-
Developing a University Systemwide Information Security Roadmap
-
April 11, 2007
|
A session at the Security 2007
Developing and implementing a common set of baseline information security practices across all the campuses of a very large state university system can be a daunting undertaking. This presentation …
-
Seminar 3P - A Blueprint for Handling Sensitive Data: Security, Privacy, and Other Considerations PLEASE NOTE: Separate registration and fee are required to attend this seminar.
-
March 19, 2007
|
A session at the NERCOMP Annual Conference 2007
Information security risks at colleges and universities present challenging legal, policy, technical, and operational issues. According to a recent study by the EDUCAUSE Center for Applied Researc…
-
A Blueprint for Handling Sensitive Data: Security, Privacy, and Other Considerations
-
January 1, 2007
Information security risks at colleges and universities present challenging legal, policy, technical, and operational issues. According to a recent study by the EDUCAUSE Center for Applied Research…
-
Integration Through Participation: Security Is Everyone's Business
-
January 17, 2007
|
A session at the EDUCAUSE Mid-Atlantic Regional Conference 2007
How many people does the IT security staff serve? Thousands. Policies are needed and great to have, but the reality is that IT security depends on all users. We'll review security related poli…
-
Securing E-Mail Infrastructure: Lessons Learned
-
April 12, 2006
|
A session at the Security 2006
E-mail has become the essential form of communication at universities. Its weakness, such as e-mail-borne threats and spam, can[severely impact message delivery and retrieval, crippling or even par…
-
RINGS Open Source Device Registration and Security
-
March 14, 2006
|
A session at the EDUCAUSE Midwest Regional Conference 2006
RINGS provides a complete open source system that scales to the entire campus. This system includes layered security, DHCP services, device registration, account management, security notifications,…
