ABC’s of Securing Educational Networks


Presented by
Jonathan Bitle
Technical Director, Qualys, Inc.
Data Protection Challenges for EDU

• Network Design
   –   Student (Open)
   –   Faculty
   –   Operations
   –   Research/partnerships

• Budget, or lack thereof…

• Time

• Headcount



Anatomy (of an EDU exploit) 101

• REPORTED: April 9th, 2009

• INSTITUTION: Penn State

• DEPTH: 10,868 Social Security Numbers

• SECURITY EFFORTS: Malware detection per host




  Privacyrights.org



Economics 101 - Security vs. Clean-up

• Industry estimates of cost per customer record for clean-ups
   – $90 to $305 per customer record
   – Costs vary depending on whether the breach is “low-profile” or
     “high-profile”, regulations, and state privacy requirements


• Forrester estimated the cost at $70-$80 per record
   – This is just for discovery, notification and response including:
        Legal counsel
        Call centers
        Mail notification


Knowledge is power…
• Identification
• Separation
• Prioritize/Classify
• Audit
• Educate up and down
• Remediate
• Monitor

• Too much?

Keys for Success

• Automation

• Integration/API

• Simplicity

• Delegation




Q&A



      Thank You

         Jonathan Bitle
      jbitle@qualys.com
