Click here to load reader
Upload
ben-woelk-cissp
View
160
Download
0
Embed Size (px)
DESCRIPTION
Presentation to the Training and Awareness Working Group, U.S. Department of Health and Human Services, September 11, 2012
Citation preview
Powerpoint Templates Page 1 Powerpoint Templates
Security Awareness at RIT 2012-2013
Presentation to Training and Awareness Working Group (TAWG)
U.S. Department of Health and Human Services (HHS)
September 11, 2012
Ben Woelk Policy and Awareness Analyst, Rochester Institute of
Technology Co-chair, Awareness and Training Working Group,
EDUCAUSE Higher Education Information Security Council
Powerpoint Templates Page 2
About me
• Education – Liberal arts undergrad – Graduate degree(s) in History, ABD – Advanced Certificate in Technical
Information Design • Professionally
– IT Communications Consultant – RIT since 2004 – Adjunct professor
Powerpoint Templates Page 3
About RIT
• Private University • Technology, Business, Liberal Arts, School
of American Crafts, NTID • ~18,000 students • ~3000 faculty and staff • Strong co-op program • Academic Center of Excellence
Powerpoint Templates Page 4
About EDUCAUSE HEISC
EDUCAUSE® • Nonprofit association and foremost
community of IT leaders and professionals committed to advancing higher education.
• 1800 member institutions HEISC (Higher Education Information Security Council • Working groups
– Awareness and Training – Information Security Guide – Technologies, Operations, and Practices – Government, Risk, Compliance
Powerpoint Templates Page 5
Key challenges
• Organizational placement – Risk management or IT?
• Audience – Faculty, staff, students – 20% new yearly
• Heterogeneous environment – Legacy systems – Bleeding edge – Personal IT
• Budget constraints • Private information everywhere
Powerpoint Templates Page 6
Issues
• Spear Phishing • Admin rights • Computer and device management • Cloud computing • Data loss • Advanced Persistent Threats?
Powerpoint Templates Page 7
Key is communications plan • Systematic approach • Repeatable • Set and achieve goals • Be proactive • Be strategy driven, not event driven • Strategic plan drives marketing/communications
plan
Powerpoint Templates Page 8
Components of a Plan • Audience analysis • Key messages • Communications channels • Calendar of promotions • Develop relationships
Powerpoint Templates Page 9
RIT Awareness Plan 2012-13 • Social media • Website redesign (blog) • Traditional media • Events
Powerpoint Templates Page 10
Social Media • Facebook • Twitter • Web • FourSquare • Instagram
Powerpoint Templates Page 11
Website redesign • Blog • Social media hooks • RSS
Powerpoint Templates Page 12
Traditional methods • Email • Alerts and advisories • Printed materials • Posters • Card deck
Powerpoint Templates Page 13
Events • NCSAM • New Student Orientation • Phishing Week
Powerpoint Templates Page 14
• Information Security Guide https://wiki.internet2.edu/confluence/display/itsg2/Home
• Poster and Video Contest http://www.educause.edu/SecurityVideoContest
Resources
Powerpoint Templates Page 15
Contact me • [email protected] • @benwoelk • @rit_infosec • http://www.linkedin.com/in/benwoelk • https://www.facebook.com/RITInfosec