ABC's of Securing Educational Networks

•

1 like•366 views

This presentation covers real-world examples of how today’s security professionals at educational institutions are protecting their networks.

Technology Education

ABC’s of Securing
Educational Networks

Presented by
Jonathan Bitle
Technical Director, Qualys, Inc.

Data Protection Challenges for EDU

• Network Design
– Student (Open)
– Faculty
– Operations
– Research/partnerships

• Budget, or lack thereof…

• Time

• Headcount

2

Data Protection Challenges for EDU

3
COMPANY CONFIDENTIAL

Anatomy (of an EDU exploit) 101

• REPORTED: April 9th, 2009

• INSTITUTION: Penn State

• DEPTH: 10,868 Social Security Numbers

• SECURITY EFFORTS: Malware detection per host

Privacyrights.org

4

Knowledge is power…
• Identification
• Separation
• Prioritize/Classify
• Audit
• Educate up and down
• Remediate
• Monitor

• Too much?

6

Keys for Success

• Automation

• Integration/API

• Simplicity

• Delegation

7

Q&A

Thank You

Jonathan Bitle
jbitle@qualys.com

Viewers also liked

Osam Mardin Professional Samples1mardinor

5 A 2008domienict

Langley primaryFaye Brownlie

Espace travailPixelis

Destiny Overviewharoldgrant70

Mobile,mobile, mobileKaKi Law

Visualizing Differential Equationspd3h

IKH331-01-pendahuluanAnung Ariwibowo

Sph 107 Ch 9Bryant Hall

Ingalaterra Eta Portugalguestd4e08

soal-pemrograman-bAnung Ariwibowo

CR4YR collaboration.Aug 2013, Oct Prince Rupert Faye Brownlie

ikp321-01Anung Ariwibowo

Embedding Research in Society: Supporting Agricultural Innovation in a Global...LINKInnovationStudies

IKH331-07-java-rmiAnung Ariwibowo

In Memoriam Octavian Palerpuicarmariana

Collaboration.richmond.elem 2013 rt Faye Brownlie

Cyberpolitics 2009 W5oiwan

Undop Paris09ppElisabeth Riedl

Viewers also liked (19)

Osam Mardin Professional Samples1

5 A 2008

Langley primary

Espace travail

Destiny Overview

Mobile,mobile, mobile

Visualizing Differential Equations

IKH331-01-pendahuluan

Sph 107 Ch 9

Ingalaterra Eta Portugal

soal-pemrograman-b

CR4YR collaboration.Aug 2013, Oct Prince Rupert

ikp321-01

Embedding Research in Society: Supporting Agricultural Innovation in a Global...

IKH331-07-java-rmi

In Memoriam Octavian Paler

Collaboration.richmond.elem 2013 rt

Cyberpolitics 2009 W5

Undop Paris09pp

Similar to ABC's of Securing Educational Networks

IPAS at Penn StateVince Verbeke

Epoch Universal Professional Services: Penetration TestEpoch Universal, Inc.

Data Minimization.Defensible Culling Techniques 04.03.09knugent

I F N007 T Mc Lean 91807Dreamforce07

How to data mine your print reports Jim Kaplan CIA CFE

BSIDES DETROIT 2015: Data breaches cost of doing businessJoel Cardella

Aetna information security assurance programSiddharth Janakiram

Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...IDERA Software

SNW Fall 2009Jeff Kubacki

Haystax carbon for Insider Threat Management & Continuous EvaluationHaystax Technology

Haystax Carbon for Insider Threat ManagementHaystax Technology

CTPAT and Cybersecurity. Dan Petrosini

Corporate Awareness Litigationdkarpinsky

CyberSecurity Update SlidesJim Kaplan CIA CFE

Leading Practices in Information Security & PrivacyDonny Shimamoto

Law Firm Security: How to Protect Your Client Data and Stay CompliantClio - Cloud-Based Legal Technology

IT and Teleco Trends in IrelandOisin Byrne

Cybersecurity - Simple, Sustainable, SecureYokogawa1

Digitalstakeout Scout OverviewDigitalStakeout

2011 10 19 Raj Goel Isc2 Secure Boston Cloud Computing Oversharing Over Colle...Raj Goel

Similar to ABC's of Securing Educational Networks (20)

IPAS at Penn State

Epoch Universal Professional Services: Penetration Test

Data Minimization.Defensible Culling Techniques 04.03.09

I F N007 T Mc Lean 91807

How to data mine your print reports

BSIDES DETROIT 2015: Data breaches cost of doing business

Aetna information security assurance program

Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...

SNW Fall 2009

Haystax carbon for Insider Threat Management & Continuous Evaluation

Haystax Carbon for Insider Threat Management

CTPAT and Cybersecurity.

Corporate Awareness Litigation

CyberSecurity Update Slides

Leading Practices in Information Security & Privacy

Law Firm Security: How to Protect Your Client Data and Stay Compliant

IT and Teleco Trends in Ireland

Cybersecurity - Simple, Sustainable, Secure

Digitalstakeout Scout Overview

2011 10 19 Raj Goel Isc2 Secure Boston Cloud Computing Oversharing Over Colle...

Recently uploaded

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra

ICT role in 21st century education and its challengesrafiqahmad00786416

Why Teams call analytics are critical to your entire businesspanagenda

Architecting Cloud Native ApplicationsWSO2

Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz

Apidays New York 2024 - The value of a flexible API Management solution for O...apidays

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software

MS Copilot expands with MS Graph connectorsNanddeep Nachan

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays

DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays

Elevate Developer Efficiency & build GenAI Application with Amazon QBhuvaneswari Subramani

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub

Corporate and higher education May webinar.pptxRustici Software

TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc

FWD Group - Insurer Innovation Award 2024The Digital Insurer

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh

WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney

Recently uploaded (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

ICT role in 21st century education and its challenges

Why Teams call analytics are critical to your entire business

Architecting Cloud Native Applications

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Apidays New York 2024 - The value of a flexible API Management solution for O...

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

MS Copilot expands with MS Graph connectors

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Corporate and higher education May webinar.pptx

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

FWD Group - Insurer Innovation Award 2024

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

WSO2's API Vision: Unifying Control, Empowering Developers

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

ABC's of Securing Educational Networks

1. ABC’s of Securing Educational Networks Presented by Jonathan Bitle Technical Director, Qualys, Inc.

2. Data Protection Challenges for EDU • Network Design – Student (Open) – Faculty – Operations – Research/partnerships • Budget, or lack thereof… • Time • Headcount 2

3. Data Protection Challenges for EDU 3 COMPANY CONFIDENTIAL

4. Anatomy (of an EDU exploit) 101 • REPORTED: April 9th, 2009 • INSTITUTION: Penn State • DEPTH: 10,868 Social Security Numbers • SECURITY EFFORTS: Malware detection per host Privacyrights.org 4

5. Economics 101 - Security vs. Clean-up • Industry estimates of cost per customer record for clean- ups – $90 to $305 per customer record – Costs vary depending on whether the breach is “low-profile” or “high-profile”, regulations, and state privacy requirements • Forrester estimated the cost at $70-$80 per record – This is just for discovery, notification and response including: Legal counsel Call centers Mail notification 5

6. Knowledge is power… • Identification • Separation • Prioritize/Classify • Audit • Educate up and down • Remediate • Monitor • Too much? 6

7. Keys for Success • Automation • Integration/API • Simplicity • Delegation 7

8. Q&A Thank You Jonathan Bitle jbitle@qualys.com

ABC's of Securing Educational Networks

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (19)

Similar to ABC's of Securing Educational Networks

Similar to ABC's of Securing Educational Networks (20)

More from Sasha Nunke

More from Sasha Nunke (9)

Recently uploaded

Recently uploaded (20)

ABC's of Securing Educational Networks