SlideShare una empresa de Scribd logo

Information security at University of East London: the benefits (and pitfalls) of a framework approach

Descargar como PPTX, PDF
Jisc
Jisc

Presentation from the Jisc security conference 2016 www.jisc.ac.uk

Tecnología
1 de 12
Information security at University of East London: The benefits (and pitfalls) of a framework approach Craig Clark- Information Security and Compliance Manager Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 111/11/2016
» Involved in information security at UEL since 2014 – previous experience in facilities management and insurance sectors » Not a traditional techie – background in social engineering, forensic science and risk management » Mandate covers implementing a ‘security culture’ » Certified ISO27001 lead implementer and GDPR practitioner About me 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 2
» Sensitive data across multiple systems with multiple owners » No consistent information governance methodology for classification and retention » ‘Best efforts’ approach from within IT but no formal information security strategy at vice chancellor and governor level » No full time post for information security » Fragmented approach information sharing The UEL information security quandary – Previously: 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 3
» Embeds governance, responsibility and accountability values - protection at the front door » A ‘one stop shop’ for information security and governance » A mechanism to implement the CIA triad consistently across the institution » Allows for information security to align with strategic goals » The framework aligns with controls outlined for an ISO27001 ISMS » Allows for a systematic approach to risk What is an information security framework in a UEL context? 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 4
11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 5 Policy Signposting and awareness Procedures Processes Auditable evidence
Mandatory » Data protection/GDPR » Freedom of Information » Copyright » Intellectual Property » Janet network » Prevent » PCI-DSS Information security policy Supporting policies » Acceptable use » Antivirus and malware » Cloud services » Social media » Data retention » Data classification » Access management policy 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 6
» Updated to reflect evolving risk landscape especially Prevent and GDPR » Modeled on Janet network/UCISA policies and toolkits » For UEL it requires backing at governor level – takes time to get through various committees » Needs Union involvement to feed in to disciplinary process for staff breaches » Communication and accountability across all levels is vital Policies 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 7
» Multiple modes of delivery (intranet, internal communications, eLearning, workshops and Lynda.com) » Dedicated workshops tailored to business function (research, service desk etc) » Dedicated intranet site aimed at highlighting good information security practices at work and at home » Information security incorporated into risk management strategy and various sub-committees Signposting and awareness 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 8
» Covers the who, what, where when and how » Many procedures and processes exist as ‘business as usual’ activities – but documentation is key to improve the amount of auditable evidence » Where processes and procedures are widely applicable they must be highly visible and people should be able to suggest improvements » Information sharing agreements and internal audit results should be held outside the affected department – ideally by governance Procedures and processes 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 9
» Framework allows for increased output of auditable evidence » Several audit templates available » ICO has published high level audit areas » Cloud SecurityAlliance » GDPR likely to impact on evidence requirements Auditable evidence 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 10
Conclusions » The framework is an evolving, flexible process » Final version will include new GDPR processes, policies and procedures » Buy in from the vice chancellor and governor has been vital » It’s a long road! » There has been resistance from some business units and academics but overall positive experience Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 11
Contact details C.Clark@uel.ac.uk twitter.com/cogitateclark LinkedIn: https://uk.linkedin.com/in/craig-clark-itil-cis-li-eu-gdpr-p-17480198 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 12

Recomendados

Leveraging change through digital capability - James Clay, Chris Roberts, Tim...
Leveraging change through digital capability - James Clay, Chris Roberts, Tim...Leveraging change through digital capability - James Clay, Chris Roberts, Tim...
Leveraging change through digital capability - James Clay, Chris Roberts, Tim...Jisc
 
Find out about Jisc - Networkshop44 2016
Find out about Jisc - Networkshop44 2016Find out about Jisc - Networkshop44 2016
Find out about Jisc - Networkshop44 2016Jisc
 
UCISA digital capability survey 2017
UCISA digital capability survey 2017UCISA digital capability survey 2017
UCISA digital capability survey 2017Jisc
 
Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...
Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...
Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...Jisc
 
Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...
Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...
Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...Jisc
 
Lowering the bar to using data – interactive dashboards for education
Lowering the bar to using data – interactive dashboards for educationLowering the bar to using data – interactive dashboards for education
Lowering the bar to using data – interactive dashboards for educationJisc
 
Digital literacy: key issues
Digital literacy: key issuesDigital literacy: key issues
Digital literacy: key issuesJisc
 
How you can enhance your efficiency and effectiveness for teaching and learni...
How you can enhance your efficiency and effectiveness for teaching and learni...How you can enhance your efficiency and effectiveness for teaching and learni...
How you can enhance your efficiency and effectiveness for teaching and learni...Jisc
 

Recomendados

Leveraging change through digital capability - James Clay, Chris Roberts, Tim...
Leveraging change through digital capability - James Clay, Chris Roberts, Tim...Leveraging change through digital capability - James Clay, Chris Roberts, Tim...
Leveraging change through digital capability - James Clay, Chris Roberts, Tim...Jisc
 
Find out about Jisc - Networkshop44 2016
Find out about Jisc - Networkshop44 2016Find out about Jisc - Networkshop44 2016
Find out about Jisc - Networkshop44 2016Jisc
 
UCISA digital capability survey 2017
UCISA digital capability survey 2017UCISA digital capability survey 2017
UCISA digital capability survey 2017Jisc
 
Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...
Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...
Jisc Monitor workshop - Jo Lambert and Brian Mitchell - Jisc Digital Festival...Jisc
 
Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...
Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...
Leveraging change through digital capability - Lawrie Phipps, Terri Smith and...Jisc
 
Lowering the bar to using data – interactive dashboards for education
Lowering the bar to using data – interactive dashboards for educationLowering the bar to using data – interactive dashboards for education
Lowering the bar to using data – interactive dashboards for educationJisc
 
Digital literacy: key issues
Digital literacy: key issuesDigital literacy: key issues
Digital literacy: key issuesJisc
 
How you can enhance your efficiency and effectiveness for teaching and learni...
How you can enhance your efficiency and effectiveness for teaching and learni...How you can enhance your efficiency and effectiveness for teaching and learni...
How you can enhance your efficiency and effectiveness for teaching and learni...Jisc
 
How to change the learning landscape
How to change the learning landscapeHow to change the learning landscape
How to change the learning landscapeJisc
 
Staff-student partnership working to effect institutional change - Jisc Digit...
Staff-student partnership working to effect institutional change - Jisc Digit...Staff-student partnership working to effect institutional change - Jisc Digit...
Staff-student partnership working to effect institutional change - Jisc Digit...Jisc
 
Transnational education: conversations for success - Jisc Digital Festival 2015
Transnational education: conversations for success - Jisc Digital Festival 2015Transnational education: conversations for success - Jisc Digital Festival 2015
Transnational education: conversations for success - Jisc Digital Festival 2015Jisc
 
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014Martin Hamilton
 
Directions in research data management - Jisc Digital Festival 2015
Directions in research data management - Jisc Digital Festival 2015Directions in research data management - Jisc Digital Festival 2015
Directions in research data management - Jisc Digital Festival 2015Jisc
 
How you can enhance the efficiency and effectiveness of teaching and learning...
How you can enhance the efficiency and effectiveness of teaching and learning...How you can enhance the efficiency and effectiveness of teaching and learning...
How you can enhance the efficiency and effectiveness of teaching and learning...Jisc
 
Collaboration through technology: moving from possibility to practice
Collaboration through technology: moving from possibility to practiceCollaboration through technology: moving from possibility to practice
Collaboration through technology: moving from possibility to practiceJisc
 
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...Martin Hamilton
 
Outcomes from the Digital Student Skills project
Outcomes from the Digital Student Skills projectOutcomes from the Digital Student Skills project
Outcomes from the Digital Student Skills projectJisc
 
Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Jisc
 
Tracking research and research systems
Tracking research and research systemsTracking research and research systems
Tracking research and research systemsJisc
 
Connect More with peers in practice - Connect More 2017 Birmingham
Connect More with peers in practice - Connect More 2017 BirminghamConnect More with peers in practice - Connect More 2017 Birmingham
Connect More with peers in practice - Connect More 2017 BirminghamJisc
 
Mobile learning in practice - Jisc Digital Festival 2015
Mobile learning in practice - Jisc Digital Festival 2015Mobile learning in practice - Jisc Digital Festival 2015
Mobile learning in practice - Jisc Digital Festival 2015Jisc
 
Collaboration through technology: moving from possibility to practice - Marti...
Collaboration through technology: moving from possibility to practice - Marti...Collaboration through technology: moving from possibility to practice - Marti...
Collaboration through technology: moving from possibility to practice - Marti...Jisc
 
Good Intentions: improving the evidence base in support of sharing learning m...
Good Intentions: improving the evidence base in support of sharing learning m...Good Intentions: improving the evidence base in support of sharing learning m...
Good Intentions: improving the evidence base in support of sharing learning m...loumcgill
 
Developing and extending approaches to embedding digital capabilities into in...
Developing and extending approaches to embedding digital capabilities into in...Developing and extending approaches to embedding digital capabilities into in...
Developing and extending approaches to embedding digital capabilities into in...Jisc
 
Making the most of digital resources - Hazel White and Alicia Wallace
Making the most of digital resources - Hazel White and Alicia WallaceMaking the most of digital resources - Hazel White and Alicia Wallace
Making the most of digital resources - Hazel White and Alicia WallaceJisc
 
Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Jisc
 
How compliant is your institution? University of Glasgow RIOXX case study - M...
How compliant is your institution? University of Glasgow RIOXX case study - M...How compliant is your institution? University of Glasgow RIOXX case study - M...
How compliant is your institution? University of Glasgow RIOXX case study - M...Jisc
 
Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Jisc
 
Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Jisc
 
GDPR: More reasons for information security
GDPR: More reasons for information securityGDPR: More reasons for information security
GDPR: More reasons for information securityJisc
 

Más contenido relacionado

La actualidad más candente

How to change the learning landscape
How to change the learning landscapeHow to change the learning landscape
How to change the learning landscapeJisc
 
Staff-student partnership working to effect institutional change - Jisc Digit...
Staff-student partnership working to effect institutional change - Jisc Digit...Staff-student partnership working to effect institutional change - Jisc Digit...
Staff-student partnership working to effect institutional change - Jisc Digit...Jisc
 
Transnational education: conversations for success - Jisc Digital Festival 2015
Transnational education: conversations for success - Jisc Digital Festival 2015Transnational education: conversations for success - Jisc Digital Festival 2015
Transnational education: conversations for success - Jisc Digital Festival 2015Jisc
 
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014Martin Hamilton
 
Directions in research data management - Jisc Digital Festival 2015
Directions in research data management - Jisc Digital Festival 2015Directions in research data management - Jisc Digital Festival 2015
Directions in research data management - Jisc Digital Festival 2015Jisc
 
How you can enhance the efficiency and effectiveness of teaching and learning...
How you can enhance the efficiency and effectiveness of teaching and learning...How you can enhance the efficiency and effectiveness of teaching and learning...
How you can enhance the efficiency and effectiveness of teaching and learning...Jisc
 
Collaboration through technology: moving from possibility to practice
Collaboration through technology: moving from possibility to practiceCollaboration through technology: moving from possibility to practice
Collaboration through technology: moving from possibility to practiceJisc
 
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...Martin Hamilton
 
Outcomes from the Digital Student Skills project
Outcomes from the Digital Student Skills projectOutcomes from the Digital Student Skills project
Outcomes from the Digital Student Skills projectJisc
 
Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Jisc
 
Tracking research and research systems
Tracking research and research systemsTracking research and research systems
Tracking research and research systemsJisc
 
Connect More with peers in practice - Connect More 2017 Birmingham
Connect More with peers in practice - Connect More 2017 BirminghamConnect More with peers in practice - Connect More 2017 Birmingham
Connect More with peers in practice - Connect More 2017 BirminghamJisc
 
Mobile learning in practice - Jisc Digital Festival 2015
Mobile learning in practice - Jisc Digital Festival 2015Mobile learning in practice - Jisc Digital Festival 2015
Mobile learning in practice - Jisc Digital Festival 2015Jisc
 
Collaboration through technology: moving from possibility to practice - Marti...
Collaboration through technology: moving from possibility to practice - Marti...Collaboration through technology: moving from possibility to practice - Marti...
Collaboration through technology: moving from possibility to practice - Marti...Jisc
 
Good Intentions: improving the evidence base in support of sharing learning m...
Good Intentions: improving the evidence base in support of sharing learning m...Good Intentions: improving the evidence base in support of sharing learning m...
Good Intentions: improving the evidence base in support of sharing learning m...loumcgill
 
Developing and extending approaches to embedding digital capabilities into in...
Developing and extending approaches to embedding digital capabilities into in...Developing and extending approaches to embedding digital capabilities into in...
Developing and extending approaches to embedding digital capabilities into in...Jisc
 
Making the most of digital resources - Hazel White and Alicia Wallace
Making the most of digital resources - Hazel White and Alicia WallaceMaking the most of digital resources - Hazel White and Alicia Wallace
Making the most of digital resources - Hazel White and Alicia WallaceJisc
 
Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Jisc
 
How compliant is your institution? University of Glasgow RIOXX case study - M...
How compliant is your institution? University of Glasgow RIOXX case study - M...How compliant is your institution? University of Glasgow RIOXX case study - M...
How compliant is your institution? University of Glasgow RIOXX case study - M...Jisc
 
Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Jisc
 

La actualidad más candente (20)

How to change the learning landscape
How to change the learning landscapeHow to change the learning landscape
How to change the learning landscape
 
Staff-student partnership working to effect institutional change - Jisc Digit...
Staff-student partnership working to effect institutional change - Jisc Digit...Staff-student partnership working to effect institutional change - Jisc Digit...
Staff-student partnership working to effect institutional change - Jisc Digit...
 
Transnational education: conversations for success - Jisc Digital Festival 2015
Transnational education: conversations for success - Jisc Digital Festival 2015Transnational education: conversations for success - Jisc Digital Festival 2015
Transnational education: conversations for success - Jisc Digital Festival 2015
 
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
Jisc Support for Asset Sharing - Kit-Catalogue National User Group November 2014
 
Directions in research data management - Jisc Digital Festival 2015
Directions in research data management - Jisc Digital Festival 2015Directions in research data management - Jisc Digital Festival 2015
Directions in research data management - Jisc Digital Festival 2015
 
How you can enhance the efficiency and effectiveness of teaching and learning...
How you can enhance the efficiency and effectiveness of teaching and learning...How you can enhance the efficiency and effectiveness of teaching and learning...
How you can enhance the efficiency and effectiveness of teaching and learning...
 
Collaboration through technology: moving from possibility to practice
Collaboration through technology: moving from possibility to practiceCollaboration through technology: moving from possibility to practice
Collaboration through technology: moving from possibility to practice
 
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
Kit-Catalogue - Discovering the Value of Equipment Sharing - Universities UK ...
 
Outcomes from the Digital Student Skills project
Outcomes from the Digital Student Skills projectOutcomes from the Digital Student Skills project
Outcomes from the Digital Student Skills project
 
Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...
 
Tracking research and research systems
Tracking research and research systemsTracking research and research systems
Tracking research and research systems
 
Connect More with peers in practice - Connect More 2017 Birmingham
Connect More with peers in practice - Connect More 2017 BirminghamConnect More with peers in practice - Connect More 2017 Birmingham
Connect More with peers in practice - Connect More 2017 Birmingham
 
Mobile learning in practice - Jisc Digital Festival 2015
Mobile learning in practice - Jisc Digital Festival 2015Mobile learning in practice - Jisc Digital Festival 2015
Mobile learning in practice - Jisc Digital Festival 2015
 
Collaboration through technology: moving from possibility to practice - Marti...
Collaboration through technology: moving from possibility to practice - Marti...Collaboration through technology: moving from possibility to practice - Marti...
Collaboration through technology: moving from possibility to practice - Marti...
 
Good Intentions: improving the evidence base in support of sharing learning m...
Good Intentions: improving the evidence base in support of sharing learning m...Good Intentions: improving the evidence base in support of sharing learning m...
Good Intentions: improving the evidence base in support of sharing learning m...
 
Developing and extending approaches to embedding digital capabilities into in...
Developing and extending approaches to embedding digital capabilities into in...Developing and extending approaches to embedding digital capabilities into in...
Developing and extending approaches to embedding digital capabilities into in...
 
Making the most of digital resources - Hazel White and Alicia Wallace
Making the most of digital resources - Hazel White and Alicia WallaceMaking the most of digital resources - Hazel White and Alicia Wallace
Making the most of digital resources - Hazel White and Alicia Wallace
 
Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44
 
How compliant is your institution? University of Glasgow RIOXX case study - M...
How compliant is your institution? University of Glasgow RIOXX case study - M...How compliant is your institution? University of Glasgow RIOXX case study - M...
How compliant is your institution? University of Glasgow RIOXX case study - M...
 
Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...Collaboration through technology: moving from possibility to practice - Tim B...
Collaboration through technology: moving from possibility to practice - Tim B...
 

Destacado

Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Jisc
 
GDPR: More reasons for information security
GDPR: More reasons for information securityGDPR: More reasons for information security
GDPR: More reasons for information securityJisc
 
Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Jisc
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher EducationJisc
 
Protecting our customers - BT security
Protecting our customers - BT securityProtecting our customers - BT security
Protecting our customers - BT securityJisc
 
Mitigation starts now
Mitigation starts nowMitigation starts now
Mitigation starts nowJisc
 
Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Jisc
 
Working with students and ISO27001
Working with students and ISO27001Working with students and ISO27001
Working with students and ISO27001Jisc
 
Embracing local devolution - two college's intriguing insights into respondin...
Embracing local devolution - two college's intriguing insights into respondin...Embracing local devolution - two college's intriguing insights into respondin...
Embracing local devolution - two college's intriguing insights into respondin...Jisc
 
An evolution of Vscene in action - John Wilson
An evolution of Vscene in action - John WilsonAn evolution of Vscene in action - John Wilson
An evolution of Vscene in action - John WilsonJisc
 
Perspectives on implementing a vision for developing staff digital capability
Perspectives on implementing a vision for developing staff digital capabilityPerspectives on implementing a vision for developing staff digital capability
Perspectives on implementing a vision for developing staff digital capabilityJisc
 
Learning analytics for FE colleges
Learning analytics for FE collegesLearning analytics for FE colleges
Learning analytics for FE collegesJisc
 
Inclusively enhancing learning from lecture recordings: using Synote without ...
Inclusively enhancing learning from lecture recordings: using Synote without ...Inclusively enhancing learning from lecture recordings: using Synote without ...
Inclusively enhancing learning from lecture recordings: using Synote without ...Jisc
 
Making best use of technology for employability: the Jisc employability toolkit
Making best use of technology for employability: the Jisc employability toolkitMaking best use of technology for employability: the Jisc employability toolkit
Making best use of technology for employability: the Jisc employability toolkitJisc
 
An evolution of Vscene in action - Tim Boundy
An evolution of Vscene in action - Tim BoundyAn evolution of Vscene in action - Tim Boundy
An evolution of Vscene in action - Tim BoundyJisc
 
Institutional visions for a digital student experience
Institutional visions for a digital student experienceInstitutional visions for a digital student experience
Institutional visions for a digital student experienceJisc
 
Increasing student satisfaction by closing the feedback loop
Increasing student satisfaction by closing the feedback loopIncreasing student satisfaction by closing the feedback loop
Increasing student satisfaction by closing the feedback loopJisc
 
Exploiting digital collections in learning, teaching and research
Exploiting digital collections in learning, teaching and researchExploiting digital collections in learning, teaching and research
Exploiting digital collections in learning, teaching and researchJisc
 
Transforming organisational culture
Transforming organisational cultureTransforming organisational culture
Transforming organisational cultureJisc
 
Amazon Web Services
Amazon Web ServicesAmazon Web Services
Amazon Web ServicesJisc
 

Destacado (20)

Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...
 
GDPR: More reasons for information security
GDPR: More reasons for information securityGDPR: More reasons for information security
GDPR: More reasons for information security
 
Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher Education
 
Protecting our customers - BT security
Protecting our customers - BT securityProtecting our customers - BT security
Protecting our customers - BT security
 
Mitigation starts now
Mitigation starts nowMitigation starts now
Mitigation starts now
 
Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...
 
Working with students and ISO27001
Working with students and ISO27001Working with students and ISO27001
Working with students and ISO27001
 
Embracing local devolution - two college's intriguing insights into respondin...
Embracing local devolution - two college's intriguing insights into respondin...Embracing local devolution - two college's intriguing insights into respondin...
Embracing local devolution - two college's intriguing insights into respondin...
 
An evolution of Vscene in action - John Wilson
An evolution of Vscene in action - John WilsonAn evolution of Vscene in action - John Wilson
An evolution of Vscene in action - John Wilson
 
Perspectives on implementing a vision for developing staff digital capability
Perspectives on implementing a vision for developing staff digital capabilityPerspectives on implementing a vision for developing staff digital capability
Perspectives on implementing a vision for developing staff digital capability
 
Learning analytics for FE colleges
Learning analytics for FE collegesLearning analytics for FE colleges
Learning analytics for FE colleges
 
Inclusively enhancing learning from lecture recordings: using Synote without ...
Inclusively enhancing learning from lecture recordings: using Synote without ...Inclusively enhancing learning from lecture recordings: using Synote without ...
Inclusively enhancing learning from lecture recordings: using Synote without ...
 
Making best use of technology for employability: the Jisc employability toolkit
Making best use of technology for employability: the Jisc employability toolkitMaking best use of technology for employability: the Jisc employability toolkit
Making best use of technology for employability: the Jisc employability toolkit
 
An evolution of Vscene in action - Tim Boundy
An evolution of Vscene in action - Tim BoundyAn evolution of Vscene in action - Tim Boundy
An evolution of Vscene in action - Tim Boundy
 
Institutional visions for a digital student experience
Institutional visions for a digital student experienceInstitutional visions for a digital student experience
Institutional visions for a digital student experience
 
Increasing student satisfaction by closing the feedback loop
Increasing student satisfaction by closing the feedback loopIncreasing student satisfaction by closing the feedback loop
Increasing student satisfaction by closing the feedback loop
 
Exploiting digital collections in learning, teaching and research
Exploiting digital collections in learning, teaching and researchExploiting digital collections in learning, teaching and research
Exploiting digital collections in learning, teaching and research
 
Transforming organisational culture
Transforming organisational cultureTransforming organisational culture
Transforming organisational culture
 
Amazon Web Services
Amazon Web ServicesAmazon Web Services
Amazon Web Services
 

Similar a Information security at University of East London: the benefits (and pitfalls) of a framework approach

Behaviour Change and Cyber-Security
Behaviour Change and Cyber-SecurityBehaviour Change and Cyber-Security
Behaviour Change and Cyber-Securityjoinson
 
Bl cybersecurity z_dooly
Bl cybersecurity z_doolyBl cybersecurity z_dooly
Bl cybersecurity z_doolyzdooly
 
Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Tammy Clark
 
Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...IOSR Journals
 
International Cooperation for Research on Privacy and Data Protection - Austr...
International Cooperation for Research on Privacy and Data Protection - Austr...International Cooperation for Research on Privacy and Data Protection - Austr...
International Cooperation for Research on Privacy and Data Protection - Austr...Liming Zhu
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 
An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchMarlon Domingus
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesRónán Kennedy
 
Avoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvEx
Avoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvExAvoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvEx
Avoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvExEADTU
 
Good practice in learning analytics - Jisc Digital Festival 2015
Good practice in learning analytics - Jisc Digital Festival 2015Good practice in learning analytics - Jisc Digital Festival 2015
Good practice in learning analytics - Jisc Digital Festival 2015Jisc
 
Industry program panel - SINCONF ACM
Industry program panel - SINCONF ACMIndustry program panel - SINCONF ACM
Industry program panel - SINCONF ACMchristophefeltus
 
“Security” In a Digital Interconnected World
“Security” In a Digital Interconnected World “Security” In a Digital Interconnected World
“Security” In a Digital Interconnected World Internet Society
 
Challenges and opportunities in the paperless NHS & beyond - A data protectio...
Challenges and opportunities in the paperless NHS & beyond - A data protectio...Challenges and opportunities in the paperless NHS & beyond - A data protectio...
Challenges and opportunities in the paperless NHS & beyond - A data protectio...Osborne Clarke
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsLionel Briand
 
The SAFARI syndrome. Implementing CRIS and open science
The SAFARI syndrome. Implementing CRIS and open scienceThe SAFARI syndrome. Implementing CRIS and open science
The SAFARI syndrome. Implementing CRIS and open scienceUniversity Lille 3
 
ICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorPaul O'Connor
 
Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...Karlos Svoboda
 
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Karlos Svoboda
 

Similar a Information security at University of East London: the benefits (and pitfalls) of a framework approach (20)

Behaviour Change and Cyber-Security
Behaviour Change and Cyber-SecurityBehaviour Change and Cyber-Security
Behaviour Change and Cyber-Security
 
Bl cybersecurity z_dooly
Bl cybersecurity z_doolyBl cybersecurity z_dooly
Bl cybersecurity z_dooly
 
Start With A Great Information Security Plan!
Start With A Great Information Security Plan!Start With A Great Information Security Plan!
Start With A Great Information Security Plan!
 
Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...Recapitulating the development initiatives of a robust information security s...
Recapitulating the development initiatives of a robust information security s...
 
International Cooperation for Research on Privacy and Data Protection - Austr...
International Cooperation for Research on Privacy and Data Protection - Austr...International Cooperation for Research on Privacy and Data Protection - Austr...
International Cooperation for Research on Privacy and Data Protection - Austr...
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?
 
An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and research
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital Rules
 
Avoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvEx
Avoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvExAvoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvEx
Avoiding Invasive Surveillance, Ensuring Trust: ENSURING TRUST UNED’S AvEx
 
Good practice in learning analytics - Jisc Digital Festival 2015
Good practice in learning analytics - Jisc Digital Festival 2015Good practice in learning analytics - Jisc Digital Festival 2015
Good practice in learning analytics - Jisc Digital Festival 2015
 
Industry program panel - SINCONF ACM
Industry program panel - SINCONF ACMIndustry program panel - SINCONF ACM
Industry program panel - SINCONF ACM
 
Industry program panel
Industry program panelIndustry program panel
Industry program panel
 
“Security” In a Digital Interconnected World
“Security” In a Digital Interconnected World “Security” In a Digital Interconnected World
“Security” In a Digital Interconnected World
 
Challenges and opportunities in the paperless NHS & beyond - A data protectio...
Challenges and opportunities in the paperless NHS & beyond - A data protectio...Challenges and opportunities in the paperless NHS & beyond - A data protectio...
Challenges and opportunities in the paperless NHS & beyond - A data protectio...
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech Applications
 
Safari syndrome
Safari syndromeSafari syndrome
Safari syndrome
 
The SAFARI syndrome. Implementing CRIS and open science
The SAFARI syndrome. Implementing CRIS and open scienceThe SAFARI syndrome. Implementing CRIS and open science
The SAFARI syndrome. Implementing CRIS and open science
 
ICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'Connor
 
Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...
 
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
 

Más de Jisc

Jisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Jisc
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 

Más de Jisc (20)

Jisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of Sheffield
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 

Último

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Último (20)

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Information security at University of East London: the benefits (and pitfalls) of a framework approach

  • 1. Information security at University of East London: The benefits (and pitfalls) of a framework approach Craig Clark- Information Security and Compliance Manager Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 111/11/2016
  • 2. » Involved in information security at UEL since 2014 – previous experience in facilities management and insurance sectors » Not a traditional techie – background in social engineering, forensic science and risk management » Mandate covers implementing a ‘security culture’ » Certified ISO27001 lead implementer and GDPR practitioner About me 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 2
  • 3. » Sensitive data across multiple systems with multiple owners » No consistent information governance methodology for classification and retention » ‘Best efforts’ approach from within IT but no formal information security strategy at vice chancellor and governor level » No full time post for information security » Fragmented approach information sharing The UEL information security quandary – Previously: 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 3
  • 4. » Embeds governance, responsibility and accountability values - protection at the front door » A ‘one stop shop’ for information security and governance » A mechanism to implement the CIA triad consistently across the institution » Allows for information security to align with strategic goals » The framework aligns with controls outlined for an ISO27001 ISMS » Allows for a systematic approach to risk What is an information security framework in a UEL context? 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 4
  • 5. 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 5 Policy Signposting and awareness Procedures Processes Auditable evidence
  • 6. Mandatory » Data protection/GDPR » Freedom of Information » Copyright » Intellectual Property » Janet network » Prevent » PCI-DSS Information security policy Supporting policies » Acceptable use » Antivirus and malware » Cloud services » Social media » Data retention » Data classification » Access management policy 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 6
  • 7. » Updated to reflect evolving risk landscape especially Prevent and GDPR » Modeled on Janet network/UCISA policies and toolkits » For UEL it requires backing at governor level – takes time to get through various committees » Needs Union involvement to feed in to disciplinary process for staff breaches » Communication and accountability across all levels is vital Policies 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 7
  • 8. » Multiple modes of delivery (intranet, internal communications, eLearning, workshops and Lynda.com) » Dedicated workshops tailored to business function (research, service desk etc) » Dedicated intranet site aimed at highlighting good information security practices at work and at home » Information security incorporated into risk management strategy and various sub-committees Signposting and awareness 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 8
  • 9. » Covers the who, what, where when and how » Many procedures and processes exist as ‘business as usual’ activities – but documentation is key to improve the amount of auditable evidence » Where processes and procedures are widely applicable they must be highly visible and people should be able to suggest improvements » Information sharing agreements and internal audit results should be held outside the affected department – ideally by governance Procedures and processes 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 9
  • 10. » Framework allows for increased output of auditable evidence » Several audit templates available » ICO has published high level audit areas » Cloud SecurityAlliance » GDPR likely to impact on evidence requirements Auditable evidence 11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 10
  • 11. Conclusions » The framework is an evolving, flexible process » Final version will include new GDPR processes, policies and procedures » Buy in from the vice chancellor and governor has been vital » It’s a long road! » There has been resistance from some business units and academics but overall positive experience Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach 11