8:30 Doors Open, Continental Breakfast, Registration
9:00 Introduction & Welcome, David Escalante & Michael Bourque, Boston College
9:15 Direct-Deposit Phishing Attacks in Higher Education
Quinn Shamblin, Boston University
There has been a spate of these attacks since mid-2013. The threat will be outlined, together with the circumstances surrounding the Boston University event and corrective actions.
10:00 Coffee Break
10:15 DLP -- How a Lot of Effort Can Potentially Save You a Lot of Money
Joel Rosenblatt, Columbia University
DLP or Data Loss Prevention is the art of keeping sensitive information from leaking out of your organization, either by accidental exposure (I didn't know that putting the payroll file on the Web was bad) or through hacking. In either case, there are laws in place in most states that impose strict regulations on this and can potentially cost your school a lot of money. This talk will present some of the programs and policies that Columbia University has put in place to try and reduce our exposure to data loss.
11:00 The Cyber Threat Landscape in Education
Renault Ross, Symantec
This presentation will describe the growing epidemic of Cyber Threats targeting higher education. These threats include the widespread chronic problems of spam, malware, APT’s, phishing, hacktivists and watering hole attacks.
An industry best practice to reduce the risk of breaches and attacks will be discussed, including Security Program methodologies and technical controls.
11:45 Database Protection Software
Patrick Cain, Cooper-Cain; Vijaya Kommineni, Boston College
Boston College has been evaluating products in this space. The presentation will describe what the products do, what to look for in terms of requirements, and BC's experiences in running a proof of concept/bakeoff of some of the products.
1:30 Higher Education and National Security: The targeting of US students traveling abroad
Carmine Nigro, Special Agent, FBI Boston
Glenn Duffie Shriver was a student fulfilling his dream of a year abroad in Shanghai when he was befriended by three Chinese Intelligence officers. What first seemed like an innocent offer of friendship and a scholarship resulted in a life-altering event.
2:15 Husky Hunt: Social Media Driven Gaming to Engage Students in Security Awareness
Jason Pufahl, University of Connecticut
Delivering student security awareness training that's meaningful, interactive, fun, and repeatable.
3:15 Choosing a Cloud Security Architecture
David Millar, Boston College
Different IaaS vendors provide different capabilties in terms of baked-in security. Security can also be layered on top of their offerings. This talk will cover several models for doing security "in the cloud" and provide an overview of the security offering of several popular IaaS providers.
4:00 Using BRO (panel)
Nathan Hall, Boston College; Paul Nash, Tufts
The BRO network security monitor is a free tool that combines elements of netflow, IDS, and URL monitoring, among other capabilities. This panel will have schools that have implemented BRO discuss the tool and how they're using it. (www.bro.org)