Cybersecurity Update

For 15 years, EDUCAUSE members have led and shaped programs, resources, and events for the higher education cybersecurity community. 2014 promises to be a very active year in this area.

EDUCAUSE will continue strong support of existing programs and events. We will also contribute to collaborations and develop new, complementary focus areas that will reinforce and increase visibility of the solid foundation built by the community. For more information, to provide feedback, or to get involved, visit the website or contact us at [email protected].

• The Higher Education Information Security Council. HEISC is a member-led group of information security leaders who collaborate with EDUCAUSE and Internet2 to improve information security, data protection, and privacy programs across higher education. In 2014, HEISC priorities will include leading community discussions about future information security strategies in higher education and about continuing to build the information security profession. EDUCAUSE will bring greater visibility and support to this already active community and its resources, which include:
  • The Information Security Guide,
  • The Information Security Program Assessment Tool,
  • A Toolkit for New CISOs, and
  • The EDUCAUSE Security Discussion List
• The Security Professionals Conference. The 12th annual conference will take place May 6-8 in St. Louis, MO, and online. The 2014 event, which has the theme “Mind Tricks and Other Strategies for Information Security,” received a record number of community proposals and will feature keynote speakers Harriet Pearson, partner at Hogan Lovells, and Charlie Miller, security engineer at Twitter. Registration opens in January. EDUCAUSE thanks the conference program committee for their dedication and vision to this premier higher education event.
• National Cyber Security Awareness Month. A long-time higher education partner in this national effort to promote education and training on security awareness, EDUCAUSE will support institutions as they offer fun, creative activities and events for students, faculty, staff, and their local communities. Following the model of the successful 2013 celebration, EDUCAUSE will participate in NCSAM in October 2014.
• Data Privacy Month. Beginning on January 28 with International Data Privacy Day, EDUCAUSE provides events and resources to support and amplify higher education institutions’ efforts to protect their privacy and control their digital footprint. Activities include the opportunity to review other institutions’ programs; a free webinar with Robert Ellis Smith, publisher of Privacy Journal; and recognition for becoming a Data Privacy Day Champion.
• Continued Support of Identity Management. EDUCAUSE will continue to support the IAM Online monthly webinars in 2014, with member communications that help to increase the reach of this InCommon program.
• Collaboration with the New EDUCAUSE IT Governance, Risk, and Compliance Program. In 2014, with member input and board guidance, EDUCAUSE will develop and introduce activities to help meet institutions’ needs in the areas of IT governance, risk, and compliance. This increased emphasis on IT-GRC recognizes the need for the community to adapt and respond to the changing needs of higher education. HEISC will collaborate in a complementary fashion with leaders of the new program, providing cybersecurity expertise and perspectives to discussions. Learn more in the November-December 2013 issue of EDUCAUSE Review Online, a special issue on governance, risk, and compliance.
• Collaboration and Coordination with Key Partners. EDUCAUSE is one of several groups that work together to provide deep and broad support of information security in higher education. Members look to EDUCAUSE to provide programs, resources, and events that complement and coordinate with the efforts of Internet2, the REN-ISAC, InCommon, and others.

 

EDUCAUSE cybersecurity efforts are supported by members, collaborating organizations, and staff. Cybersecurity programs in EDUCAUSE report to Vice President Susan Grajek and are directed and led by Joanna Grama, Director of IT GRC and Cybersecurity Programs. Joanna previously held the position of Information Security Policy and Compliance Director at Purdue University, and has expertise in IT security policy, compliance, governance activities, and data privacy. In 2014, EDUCAUSE staff member Rodney Petersen will contribute to SecuriCORE, a collaborative project with Internet2 and Indiana University. Valerie Vogel is the Program Manager for the EDUCAUSE Cybersecurity Initiative and has managed the program’s day-to-day activities for the past eleven years.