Security Planning

EDUCAUSE Library Items for Security Planning

GSU's Roadmap for a World-Class Information Security Management System: ISO 27001:2005

October 24, 2007 | A session at the EDUCAUSE 2007 Annual Conference

Georgia State University is one of the first universities to embrace the ISO 27001:2005 standard for establishing an information security management system (ISMS). A systematic and disciplined appr…

Information Security: Zero to 60 in 10 Years

October 24, 2007 | A session at the EDUCAUSE 2007 Annual Conference

The focus on information security at Embry-Riddle Aeronautical University, as in many institutions, has evolved gradually over a number of years. Beginning with what can best be described as ad hoc…

Bruce Schneier on Information Security: Ten Trends - Sponsored by AT&T, An EDUCAUSE Silver Partner

October 26, 2007 | A session at the EDUCAUSE 2007 Annual Conference

Surveying current trends in information security, it's clear that a myriad of forces are at work. But fundamentally, security is all about economics: both attacker and defender are trying to m…

How Ready Are IT Managers for a Crisis?

October 24, 2007

The annual Campus Computing Survey focuses on IT security and crisis management, finding gaps in preparation but fewer attacks on networks. The…

Information Technology (IT) Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development

October 3, 2007

This federal register notice informs the public and interested stakeholders that the Department of Homeland Security (DHS) is making available for public review and comment ``Information Technolo…

A Few Good Metrics

July 21, 2005

Information security metrics don't have to rely on heavy-duty math to be effective, but they also don't have to be dumbed down to red, yellow, green. Here are five smart measurements—…

A Guide to Security Metrics

June 22, 2006

The pressure is on. Various surveys indicate that over the past several years computer security has risen in priority for many organizations. Spending on IT security has increased significantly i…

Guide for Developing Performance Metrics for Information Security: Recommendations of the National Institute of Standards and Technology

May 19, 2006

This publication focuses on developing and implementing information security metrics for an information security program. The processes and methodologies described in this guidance link informati…

ISUnet Security Enhancement Plan

January 1, 2005

During the fall 2003 and spring 2004 semesters, Illinois State University (like most other higher educational institutions) experienced several major network and email based virus outbreaks that …

Final Report of Emergency Communication Systems for Florida University and Community College Campuses

January 1, 2006

This report studies the current emergency communications system for Florida higher education institutions which do not have PA systems that are similar to the K-12 schools. Universities and College…