In this interview, David talks about the lessons he learned as CISO of Brown University and discusses unique BYOD challenges, the value of education for the modern IT security professional, and much more.
How many incidents do you deal with on a yearly basis? What type of threats present the biggest headache?
As a CISO of a university that has a great deal of decentralization, incidents are a part of daily life. Whether it is a compromised host, an account that is sending spam messages or attacks on the border, we are almost always researching, watching or addressing an incident.
Hard numbers are difficult to determine (and I would not share them anyway), but it is safe to say it would be in the hundreds, although the incidents would be of varying degrees. Only a small percentage would escalate up our Incident Response process for a widespread impact. Our biggest threat is compromised hosts, which often occur in a decentralized area, but not always.
Higher education is an open environment, where information sharing and academic freedom are important to the culture and the individuals. As a result, servers are sometimes built in a way that makes them vulnerable to attack or compromise. We work with the owners and admins of a compromise to correct the vulnerability quickly and efficiently, in order to not hinder the work that the server is doing. Identification and mitigation time are both critical metrics to look at and analyze.
We also take each event as a learning opportunity to get the security message across and reduce the possibilities of further issues. Of course, we also have instances of phishing and spam attacks, but a compromised server is our biggest concern.
How do you deal with BYOD in an environment where probably every student has at least one mobile device?
Higher education has been dealing with BYOD for a very long time, especially with both faculty and student populations. And we are constantly in need of upkeep as the latest and greatest technologies arrive on our campus after each summer and holiday break. And you are correct in your assumption of “at least one”. We actually deal with BYODs, as each student arrives with multiple smart devices, laptops, wireless printers and gaming devices, as well as emerging TV and video devices.