Transcript The future of My UW-Madison

Computer and Network
Security Issues –the Security
Officer’s Perspective
Jeff Savoy, Information Security Officer
Slide 2
Computer and Networking Security Issues
The Security Officer’s Perspective
• Agree with the concepts presented by Kathy
•Review some of our statistics from our response team
[email protected]
Nickname “BadgIRT”
Not all incidents are reported
Slide 3
Number of Incidents reported to BadgIRT
Number of incidents
1200
1000
800
1999-2000
600
2000-2001
400
2001-2002
200
0
1999-2000
2000-2001
Year
2001-2002
Slide 4
Slide 5
Sample of proactive measures
Security web site at www.doit.wisc.edu/security
Slide 6
Sample proactive measures (cont)
Host a two day security conference (Lockdown)
www.doit.wisc.edu/lockdown
Slide 7
Sample of proactive measures (cont)
Vulnerability Scanning
•Self scans
Provide campus access to ISS Internet Scanner
Keys tied to their IP address range
•Centralized campus scanning
High level scans, not as much detail as self scans
Schedule scans 4-6 times a year
Forward results to computer owners
Slide 8
Sample of proactive measures (cont)
Provide campus access to SANS “Step by Step” documents
Include Linux, Windows and Solaris
Slide 9
Sample of proactive measures (cont)
Provide students with Norton anti-virus software
“Rules of the Road” campaign
Awareness on appropriate use and security
Include posters, student radio spots and videos
Slide 10
Sample of proactive measures (cont)
Slide 11
Sample of proactive measures (cont)
Slide 12
Future proactive measures
•Online information security training videos
Target both end users and administrators
Materials from CERIAS
Center for Education and Research Information Assurance and Security
www.cerias.purdue.edu/
Possible local certification program
•Campus wide intrusion detection