[CoIT-Security] Notes from COIT Security Call

CoIT Security coit-security at lists.onenet.net
Fri Sep 1 15:42:47 CDT 2017 

Notes from the COIT Security Conference Call regarding Cyber Security Awareness and Training.  Please feel free to reply to me with any edits/comments.


Summary from last COIT meeting

  *   There is a general feeling at the State level that Higher Education is ill prepared for Cyber Security in a lot of areas - policy and procedure being two.
  *   Von has offered OneNet as a catalyst for efforts in this area and to provide resources where needed.
  *   There was discussion about building a central repository for  information that is shared with the COIT Group.
  *   There was discussion about building an Oklahoma Infraguard group that could discuss threat intelligence
  *   Chris, the CISO for OneNet is setting up a Higher Ed CISO summit - tentatively Oct. 19
  *   The State Risk assessment is coming up and as of now, will be due Dec. 22.  The State Risk assessment can be a tool to show the overall increase of Security across Higher Ed.
  *   There has been discussion about building a taskforce around Pen Testing in Higher Education - building out an Incident Response Taskforce.

Anna reviewed the results of the Survey.  (Attached)

UCO provides mandatory online training, but then offers monthly face to face training that is more customized to the department.
SWOSU reported that the students are their biggest issue and would like to see training for students.

>From the Survey, it seems the easiest way to get started with this is to

  1.  Identify scope (Employee and/or students)
  2.  Identify topics that should be covered
     *   No need to recreate the wheel.  There are plenty of sites that have documentation on this
  3.  Figure out the depth that should be covered of each topic
  4.  Build content around that content
  5.  Share with campuses for use.

Other thoughts:

  *   Build a master course in an LMS hosted out of OneNet for standardized training
  *   Each campus could then build a campus specific content off that master course.

There is support from many schools on the call to offer resources, content, expertise.



NEXT STEPS:

  1.  Anna will get a list from COIT for each school's Security person to get to Chris at OneNet for invitation to the Security Executive Summit
  2.  Anna will get a group of people for a taskforce to work on this Training and Awareness issue.  Perhaps could be a working group at each COIT meeting (and online in between)
  3.  Randy Moore at OUHSC is building a presentation that can be shared and used for talking to your president or board on the importance of Cyber Security Awareness.  Anna will get when ready and share out to COIT.



Anna Vakulick
Associate Vice President
OU Information Technology
405.325.8586  |  http://www.ou.edu/ouit |  avakulick at ou.edu<mailto:avakulick at ou.edu>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20170901/41b8abbd/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Security_survey.pdf
Type: application/pdf
Size: 177008 bytes
Desc: Security_survey.pdf
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20170901/41b8abbd/attachment-0001.pdf>

More information about the CoIT-Security mailing list