From abiggers at ou.edu Tue Sep 6 11:50:11 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Tue, 6 Sep 2016 16:50:11 +0000 Subject: [CoIT-Security] Biggers, Anna L. wants to share the file Default Report-COIT survery report.docx with you Message-ID: To view Default Report-COIT survery report.docx, sign in or create an account. -------------- next part -------------- An HTML attachment was scrubbed... URL: From abiggers at ou.edu Tue Sep 6 11:50:06 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Tue, 6 Sep 2016 16:50:06 +0000 Subject: [CoIT-Security] COIT: Security meeting Message-ID: Biggers, Anna L. has shared a OneDrive for Business file with you. To view it, click the link below. [icon] Default Report-COIT survery report.docx Attached are the results of the survey from last week. We will review this today. Please use the skype link in the meeting - it will provide you a way to have it call your phone for audio. If you do have difficulty with the Skype - here is a general call in number: 405-325-6688 236300# Talk to you soon! anna -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image00001.png Type: image/png Size: 561 bytes Desc: image00001.png URL: From abiggers at ou.edu Tue Sep 6 11:52:34 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Tue, 6 Sep 2016 16:52:34 +0000 Subject: [CoIT-Security] COIT: Security meeting Message-ID: Sorry - didn't realize the other one was a shared link. This should be an attachment you can open. anna From: Biggers, Anna L. Sent: Tuesday, September 6, 2016 11:50 AM To: COIT Security (coit-security at lists.onenet.net) Subject: COIT: Security meeting Attached are the results of the survey from last week. We will review this today. Please use the skype link in the meeting - it will provide you a way to have it call your phone for audio. If you do have difficulty with the Skype - here is a general call in number: 405-325-6688 236300# Talk to you soon! anna -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Default Report-COIT survery report.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 120744 bytes Desc: Default Report-COIT survery report.docx URL: From Randy-Moore at ouhsc.edu Tue Sep 6 12:54:49 2016 From: Randy-Moore at ouhsc.edu (Moore, Randy W. (HSC)) Date: Tue, 6 Sep 2016 17:54:49 +0000 Subject: [CoIT-Security] COIT: Security meeting - Educause Security Program Assessment Tool Message-ID: COIT Security Committee, See the link below for the Educause Information Security Program Assessment Tool: https://library.educause.edu/resources/2015/11/information-security-program-assessment-tool Randy Moore Director, IT Information Security Services University of Oklahoma Health Sciences Center ROB-516 405-271-2476 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Randy-Moore at ouhsc.edu Tue Sep 6 12:54:54 2016 From: Randy-Moore at ouhsc.edu (Moore, Randy W. (HSC)) Date: Tue, 6 Sep 2016 17:54:54 +0000 Subject: [CoIT-Security] COIT: Security meeting - CIS Security Control Assessment Message-ID: COIT Security Committee, Information on the CIS Critical Security Controls for Effective Cyber Defense can be found at the following two links: https://www.cisecurity.org/critical-controls.cfm https://www.sans.org/critical-security-controls/ Randy Moore Director, IT Information Security Services University of Oklahoma Health Sciences Center ROB-516 405-271-2476 -------------- next part -------------- An HTML attachment was scrubbed... URL: From rene.mason at swosu.edu Wed Sep 7 20:31:57 2016 From: rene.mason at swosu.edu (Mason, Rene) Date: Thu, 8 Sep 2016 01:31:57 +0000 Subject: [CoIT-Security] Security training @ SWOSU Message-ID: <2079DE05B51FA84B9E07D9704C2492C401EB2A3DE9@MAILBOX.admin.swosu.edu> Hello, I am the network administrator for Southwestern Oklahoma State University. Per the meeting we had yesterday, we do "some security training" for all of our staff. All new employees go through a orientation session. I have a segment in this training. I go over account information and then I transition to a section on security. My main emphasis is on phishing emails by going over emails and point out various red flags to look for in emails. Then I end with a few tips on things to keep their SWOSU and personal accounts more secure and tips of how to keep some of their personal data safe; hoping that making it personal for them. I have been planning on making security training to be a required online testing to be done 2-4 time a year with different parts of security in each section (15 minutes of time). All SWOSU employees have mandated online training require. The trainings varies with yearly, twice a year and 4 times a year. This will fit in with those. I just visited with our HR department today and they are in agreement with this. We are also looking at incorporating something like this for students as well. Student receive a quarterly email from us warning about phishing emails. Since we have quite a bit more trouble students, we are toying with the idea of making them take test or possible view a video before we reactive their accounts if they are shutdown do to becoming compromised. We have already been planning for October cybersecurity month. We have posters made up and have been handing out information. We just had an organizational fair in order to get students to our booth we had a drawing for some prizes. I know we are not doing much at this time but would like to do more as we move forward. I look forward to getting more ideas. Rene' Mason Southwestern Oklahoma State University Network Administrator -------------- next part -------------- An HTML attachment was scrubbed... URL: From abiggers at ou.edu Fri Sep 9 09:06:01 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Fri, 9 Sep 2016 14:06:01 +0000 Subject: [CoIT-Security] Security training @ SWOSU In-Reply-To: <2079DE05B51FA84B9E07D9704C2492C401EB2A3DE9@MAILBOX.admin.swosu.edu> References: <2079DE05B51FA84B9E07D9704C2492C401EB2A3DE9@MAILBOX.admin.swosu.edu> Message-ID: This is great! Sounds like you are further along than some of us. Once I get the repository set up, I hope you will post some of your content there. I would also ask you to consider facilitating a conversation - perhaps where you share some of your content and what you are doing, and then generate a conversation or Q&A from the group. Let me know if you are up for it! Thanks again - glad to have you as part of the group! Anna From: coit-security-bounces at lists.onenet.net [mailto:coit-security-bounces at lists.onenet.net] On Behalf Of Mason, Rene Sent: Wednesday, September 7, 2016 8:32 PM To: CoIT-Security at lists.onenet.net Subject: [CoIT-Security] Security training @ SWOSU Hello, I am the network administrator for Southwestern Oklahoma State University. Per the meeting we had yesterday, we do "some security training" for all of our staff. All new employees go through a orientation session. I have a segment in this training. I go over account information and then I transition to a section on security. My main emphasis is on phishing emails by going over emails and point out various red flags to look for in emails. Then I end with a few tips on things to keep their SWOSU and personal accounts more secure and tips of how to keep some of their personal data safe; hoping that making it personal for them. I have been planning on making security training to be a required online testing to be done 2-4 time a year with different parts of security in each section (15 minutes of time). All SWOSU employees have mandated online training require. The trainings varies with yearly, twice a year and 4 times a year. This will fit in with those. I just visited with our HR department today and they are in agreement with this. We are also looking at incorporating something like this for students as well. Student receive a quarterly email from us warning about phishing emails. Since we have quite a bit more trouble students, we are toying with the idea of making them take test or possible view a video before we reactive their accounts if they are shutdown do to becoming compromised. We have already been planning for October cybersecurity month. We have posters made up and have been handing out information. We just had an organizational fair in order to get students to our booth we had a drawing for some prizes. I know we are not doing much at this time but would like to do more as we move forward. I look forward to getting more ideas. Rene' Mason Southwestern Oklahoma State University Network Administrator -------------- next part -------------- An HTML attachment was scrubbed... URL: From abiggers at ou.edu Fri Sep 9 09:09:44 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Fri, 9 Sep 2016 14:09:44 +0000 Subject: [CoIT-Security] Meeting notes from 9/6/2016 Message-ID: Here are the notes I captured. I admit - I was going from memory on the attendees, so please correct me on this or the content! Thanks again for attending - I think this will be a relevant and rewarding committee. Attached also are the attendees with email addresses. If you have any other ideas or comments, please feel free to contact me. Anna Biggers Associate Vice President Business Strategy Advisor OU Information Technology 405.325.8586 | http://www.ou.edu/ouit -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cyber security risk committee.xlsx Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Size: 9599 bytes Desc: cyber security risk committee.xlsx URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: COIT_Security_09062016.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 16313 bytes Desc: COIT_Security_09062016.docx URL: From rene.mason at swosu.edu Wed Sep 14 13:06:57 2016 From: rene.mason at swosu.edu (Mason, Rene) Date: Wed, 14 Sep 2016 18:06:57 +0000 Subject: [CoIT-Security] Security training @ SWOSU In-Reply-To: References: <2079DE05B51FA84B9E07D9704C2492C401EB2A3DE9@MAILBOX.admin.swosu.edu> Message-ID: <2079DE05B51FA84B9E07D9704C2492C401EB2A866B@MAILBOX.admin.swosu.edu> This weekend I will be pulling some things together with what I currently use and then start looking for ideas. I am not sure what visions or other avenues other might be thinking about for training. Here are some quick things I have thought about that we can discuss as starting points which may lead trigger other thoughts. I think this might be a good starting block to generate conversation. Email/Phishing security (this is mainly what I do) Account/Password security - best practice for users (do's and don'ts); This may trigger what IT should consider for single sign-on pros & con Web surfing security Importance of guarding PII Is training for student vs. faculty/staff handled differently What methods of training/awareness initiatives (online, in person, posters, student activities etc.) Let me know if there are any other ideas and how we want to move forward from here. Rene' From: Biggers, Anna L. [mailto:abiggers at ou.edu] Sent: Friday, September 09, 2016 9:06 AM To: Mason, Rene ; CoIT-Security at lists.onenet.net Subject: RE: Security training @ SWOSU This is great! Sounds like you are further along than some of us. Once I get the repository set up, I hope you will post some of your content there. I would also ask you to consider facilitating a conversation - perhaps where you share some of your content and what you are doing, and then generate a conversation or Q&A from the group. Let me know if you are up for it! Thanks again - glad to have you as part of the group! Anna From: coit-security-bounces at lists.onenet.net [mailto:coit-security-bounces at lists.onenet.net] On Behalf Of Mason, Rene Sent: Wednesday, September 7, 2016 8:32 PM To: CoIT-Security at lists.onenet.net Subject: [CoIT-Security] Security training @ SWOSU Hello, I am the network administrator for Southwestern Oklahoma State University. Per the meeting we had yesterday, we do "some security training" for all of our staff. All new employees go through a orientation session. I have a segment in this training. I go over account information and then I transition to a section on security. My main emphasis is on phishing emails by going over emails and point out various red flags to look for in emails. Then I end with a few tips on things to keep their SWOSU and personal accounts more secure and tips of how to keep some of their personal data safe; hoping that making it personal for them. I have been planning on making security training to be a required online testing to be done 2-4 time a year with different parts of security in each section (15 minutes of time). All SWOSU employees have mandated online training require. The trainings varies with yearly, twice a year and 4 times a year. This will fit in with those. I just visited with our HR department today and they are in agreement with this. We are also looking at incorporating something like this for students as well. Student receive a quarterly email from us warning about phishing emails. Since we have quite a bit more trouble students, we are toying with the idea of making them take test or possible view a video before we reactive their accounts if they are shutdown do to becoming compromised. We have already been planning for October cybersecurity month. We have posters made up and have been handing out information. We just had an organizational fair in order to get students to our booth we had a drawing for some prizes. I know we are not doing much at this time but would like to do more as we move forward. I look forward to getting more ideas. Rene' Mason Southwestern Oklahoma State University Network Administrator -------------- next part -------------- An HTML attachment was scrubbed... URL: From abaillio at ou.edu Fri Sep 16 08:40:23 2016 From: abaillio at ou.edu (Baillio, Aaron) Date: Fri, 16 Sep 2016 13:40:23 +0000 Subject: [CoIT-Security] Threat Intelligence Message-ID: Earlier this week I attended a conference hosted by Anomali. The conference was called Anomali Detect and was the first they've hosted. The purpose of the conference was centered solely on IT threat intel and how to use it more effectively. Anomali is a vendor that aggregates threat intel and facilitates the organization and sharing of that information as well as other integrations. There were a number of other vendors there as well. I spoke during one of the breakout sessions and told the story of security in Higher Ed and how we use threat intel here at the University of Oklahoma. I wanted to share my slide deck in case it may help inform or help you direct your own intel efforts. We aren't by any means mature in how we are handling threat intel and have room to grow, but we've been using the Anomali product for several years as well as the individual feeds each product provides. Let me know if you have any questions! B. Aaron Baillio, Sec+, CEH, CISSP University of Oklahoma, Information Technology Managing Director, Security Operations and Architecture O: 405-325-7948 C: 254-400-6404 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Threat Intelligence and Higher Ed.pdf Type: application/pdf Size: 921363 bytes Desc: Threat Intelligence and Higher Ed.pdf URL: From rene.mason at swosu.edu Wed Sep 21 15:03:21 2016 From: rene.mason at swosu.edu (Mason, Rene) Date: Wed, 21 Sep 2016 20:03:21 +0000 Subject: [CoIT-Security] SWOSU employee training Message-ID: <2079DE05B51FA84B9E07D9704C2492C401EB2AE592@MAILBOX.admin.swosu.edu> I have attached the training PPT I do with our staff. I did take out some pages which are not relevant to this discussion, and add some with content that I will be wanting to incorporate to our online training I am developing. Rene' Mason Southwestern Oklahoma State University Network administrator. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: New employee Orientation cybercsecurity.pptx Type: application/vnd.openxmlformats-officedocument.presentationml.presentation Size: 718517 bytes Desc: New employee Orientation cybercsecurity.pptx URL: From abiggers at ou.edu Fri Sep 23 11:49:38 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Fri, 23 Sep 2016 16:49:38 +0000 Subject: [CoIT-Security] Repositories created Message-ID: Team, yesterday was our COIT meeting and I was happy to report about the activity from this group over the past few weeks. Thank you for your participation. As a reminder of our action items: * The facilitators were going to solicit questions/topics for their particular domain from the group to then facilitate a discussion around those. * I have worked with April at OneNet to set up the two repositories in our COIT Wiki. If you are not currently a member of COIT, you will receive an email notifying you that you are added as a subscriber. This will give you access to view the repositories. Unfortunately, you will need to send me anything you want to post, as COIT members are only allowed to post. In the meeting yesterday, there continues to be a strong interest from the group on Security and it was proposed that we work with OneNet to host an event (probably this winter) to get our people together regarding CyberSecurity. Have a CIO level discussion while the technologists roll their sleeves up and really share what they are doing around protecting the campus. I will pursue that a bit and then share back with the group what we need to work on. Thanks again for your participation. Anna Biggers Associate Vice President Business Strategy Advisor OU Information Technology 405.325.8586 | http://www.ou.edu/ouit -------------- next part -------------- An HTML attachment was scrubbed... URL: From abiggers at ou.edu Fri Sep 23 14:51:41 2016 From: abiggers at ou.edu (Biggers, Anna L.) Date: Fri, 23 Sep 2016 19:51:41 +0000 Subject: [CoIT-Security] FW: IT Security Alert: Yahoo Account Compromise In-Reply-To: References: Message-ID: FYI From: Eyachabbe, Lynnetta J. Sent: Friday, September 23, 2016 2:24 PM To: IT - All (Norman) Subject: IT Security Alert: Yahoo Account Compromise [https://gallery.mailchimp.com/ed1a9975a5937b248762311d4/images/ddf52be2-6d75-4ca5-9aa4-f96ae83e01e7.png] [https://gallery.mailchimp.com/ed1a9975a5937b248762311d4/images/4c1cbcac-6951-49d6-9d89-d5a007cdd927.png] WHAT IS THE CONCERN? Yahoo has announced that 500 million user accounts have been compromised. Although this does not directly affect University services, many users may have their OU email forwarding to a Yahoo account or set as a recovery account. WHO IS AFFECTED? Anyone who has a Yahoo, Flickr account could be compromised. WHAT ACTION DO I NEED TO TAKE? * Change your password for your Yahoo and Flickr accounts immediately. * Change your OU password as an added precaution by visiting accounts.ou.edu. * Use unique passwords for all of your accounts so that when situations like this arise, your password it is not compromised across multiple accounts. * Change your password for all your accounts frequently If you need assistance please call 325-HELP (4357) during normal business hours, or visit needhelp.ou.edu at any time. OU Information Technology ________________________________ HOME BLOG ASK IT SERVICES [https://cdn-images.mailchimp.com/icons/social-block-v2/outline-dark-facebook-48.png] [https://cdn-images.mailchimp.com/icons/social-block-v2/outline-dark-twitter-48.png] [https://cdn-images.mailchimp.com/icons/social-block-v2/outline-dark-link-48.png] [https://cdn-images.mailchimp.com/icons/social-block-v2/outline-dark-instagram-48.png] -------------- next part -------------- An HTML attachment was scrubbed... URL: