Main Nav

Search results

Showing 21 - 30 of 246 Results

Sort by:

Higher Education IT Compliance through the Prism of Risk Controls
December 6, 2013

Only through collaborative compliance and risk discussions can appropriate decisions be made about both the everyday activities and the transformative new technologies that are or will be avai…

Policy at EDUCAUSE 2013
October 30, 2013

Federal and campus-level policy issues impacting IT in higher education were hot topics at EDUCAUSE 2013. The Security Privacy, and Compliance and Data/Information Access and Manage…

HEISC Security Translation Series
March 19, 2015

The Higher Education Information Security Council (HEISC) Governance, Risk, and Compliance (GRC) Working Group has developed a series of security translation papers for specific campus audien…

Learning While Doing: Two Institutions’ Practical IT Risk Management Experiences
July 29, 2013

IT risk management identifies, assesses, and responds to IT risks. Effective IT risk management examines issues such as institutional use of data , IT security measures to prevent or…

Information Security
June 14, 2013

This Spotlight focuses on data from the 2012 Core Data Service (CDS) to better understand how higher education institutions approach information security activities. Information provided …

Information Security Program Assessment Tool
November 20, 2015

This self-assessment tool was created to evaluate the maturity of higher education information security programs using as a framework the International Organization for Standardization (ISO) 2700…

U.S. Department of Homeland Security Cybersecurity Engagement for Colleges and Universities
July 24, 2014 | A session at the EDUCAUSE LIVE! - U.S. Department of Homeland Security Cybersecurity Engagement for Colleges and Universities

The U.S. Department of Homeland Security (DHS) is increasing its efforts to enhance cybersecurity awareness and network protection at colleges and universities in response to the recent wave of c…

NIST Posts Initial Analysis of Comments on Cybersecurity Framework
May 21, 2013

The National Institute of Standards and Technology (NIST)  announced that it has prepared an initial analysis of hundreds of comments submitted by industry and the public related to the P…

Diamonds and Paperclips: Steps Needed to Make Your University Cybersecure
September 30, 2014 | A session at the EDUCAUSE Annual Conference

Total information security is not practical. How do you understand the risk landscape, identify the most sensitive information, and apply appropriate controls? More importantly, how do you implemen…

An Incremental Approach to Building an Information Security Program
April 1, 2013

Key Takeaways Constraints such as tight budgets, increased responsibilities, lack of resources or incentive, and disagreement on a common approach to information security pose ch…