From abiggers at ou.edu Thu Feb 9 10:59:37 2017 From: abiggers at ou.edu (Biggers, Anna L.) Date: Thu, 9 Feb 2017 16:59:37 +0000 Subject: [CoIT-Security] Updates Message-ID: Sorry for any duplication. Here are a few interesting updates: 1. David Anderson pointed this story out to me. http://www.news9.com/story/34459584/cyber-security-a-concern-at-state-capitol 2. Regarding the State Risk Assessment: Question 25 asks whether you have a process for disclosing a breach. But if you click on more information, it indicates you should answer whether or not you have had a breach in the past 12 months. In talking with my team, they answered the first question not the "more information". Please let me know if there are any other questions/concerns. Again - I am happy to facilitate a call. 3. Regarding PCI and GLB Act. Our Bursar responds to the external Audits and financial aid audits in regard to PCI and they come to us if any of the questions are technical in nature. As far as Gramm-Leach-Bliley Act - https://www.ftc.gov/tips-advice/business-center/privacy-and-security/gramm-leach-bliley-act Our Bursar office does report that we are compliant. I would reach out to your respective Bursar offices for more information regarding compliance with that Act. 4. At our last meeting, Security Awareness training was discussed. I am curious if someone would like to put together a few slides to facilitate a discussion around what the campuses are doing regarding this - perhaps share some of the content (if built in-house). Have a great Thursday! Anna Biggers Vakulick Associate Vice President Business Strategy Advisor OU Information Technology Annual password changes are now required. Visit accounts.ou.edu to change your password today! -------------- next part -------------- An HTML attachment was scrubbed... URL: