Embed Size (px)
Citation preview
Computer and Network Security Issues –the Security
Officer’s Perspective
Jeff Savoy, Information Security Officer
• Agree with the concepts presented by Kathy
•Review some of our statistics from our response team
Nickname “BadgIRT”
Not all incidents are reported
Computer and Networking Security IssuesThe Security Officer’s Perspective
Slide 2
Number of Incidents reported to BadgIRT
0
200
400
600
800
1000
1200
1999-2000 2000-2001 2001-2002
Year
Nu
mb
er o
f in
cid
ents
1999-2000
2000-2001
2001-2002
Slide 3
Slide 4
Sample of proactive measures
Security web site at www.doit.wisc.edu/security
Slide 5
Sample proactive measures (cont)
Host a two day security conference (Lockdown)
www.doit.wisc.edu/lockdown
Slide 6
Vulnerability Scanning
•Centralized campus scanning
Sample of proactive measures (cont)
Provide campus access to ISS Internet Scanner
Keys tied to their IP address range
•Self scans
Schedule scans 4-6 times a year
Forward results to computer owners
High level scans, not as much detail as self scans
Slide 7
Provide campus access to SANS “Step by Step” documents
Sample of proactive measures (cont)
Include Linux, Windows and Solaris
Slide 8
Provide students with Norton anti-virus software
Sample of proactive measures (cont)
“Rules of the Road” campaign
Awareness on appropriate use and security
Include posters, student radio spots and videos
Slide 9
Sample of proactive measures (cont)Slide 10
Sample of proactive measures (cont)Slide 11
•Online information security training videos
Future proactive measures
Target both end users and administrators
•Campus wide intrusion detection
Materials from CERIAS
Center for Education and Research Information Assurance and Security
www.cerias.purdue.edu/
Slide 12
Possible local certification program
