8:30 Doors Open, Continental Breakfast, Registration
9:00 Introduction & Welcome, David Millar & Michael Bourque, Boston College
9:15 Moving to the cloud - resistance is futile
Joel Rosenblatt, Columbia University
I will explore the history of cloud computing (did you know that this existed as far back as 1949) and how it will continue on into the future. Since I'm a security geek, there will be information on security in the cloud. For a preview, you can read
Please come with questions - I hope that we can have a cloud conversation.
10:00 Coffee Break
10:15 Information Stewardship Governance program
Jess Frisch, Beth Knauss, Lorna Koppel, Tufts University
Until 2005, Tufts still used SSNs as student IDs. Early attempts to clean up from this practice failed because we lacked an understanding of who used and owned the data and whether or not it was even needed any longer. We found that we need to better understand:
Why Tufts sensitive data is needed
How it is used, and
Where it is stored
We will review our first phase of building a web portal to support our Tufts Information Stewards in gathering and maintaining this data. We will also describe future ideas and challenges we will likely need to overcome.
11:00 SWID tags
Brant Cheikes, Principal Cybersecurity Engineer at The MITRE Corporation
International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 19770-2 specifies an international standard for software identification tags, also referred to as SWID tags. A SWID tag is a formatted set of data elements that collectively identify and describe a software product. Although SWID tags were originally motivated by the desire to enhance software asset management (SAM) processes, they also have the potential to enhance a wide range of cybersecurity processes, including vulnerability management, software whitelisting/blacklisting, and detection of software tampering. To that end, NIST is developing detailed tag implementation guidance and usage scenarios to promote the creation and use of SWID tags for cybersecurity in addition to traditional SAM usage. This session will present an overview of the cybersecurity-focused guidance and usage scenarios, and will help prepare participants not only to contribute to further clarification and refinement of the guidance and usage scenarios, but also to create and consume conforming tags for cybersecurity purposes.
1:00 REN-ISAC Update
1:15 Detecting and investigating an APT attack
Nathan Hall, Harvard University
During 2015, Harvard University was the target of multiple APT actors (i.e. professional hacking groups working for a foreign government). This presentation will take you through one successful intrusion that spanned multiple months. The presentation will cover the attacker's MO and tools they used, how we detected and investigated the intrusion, and finally our lessons learned and remediation efforts.
2:00 Creating a good business relationship between IT and Treasury for PCI compliance
Stephanie Breen, Miguel Sanchez, Harvard University
Let’s face it, business and security people don’t speak the same language. When Security folks start talking about firewalls and penetration testing, it pretty much sounds like Romulan to the average Treasury analyst. When Treasury folks start talking about self-assessment questionnaires and PCI Compliance Data Security Standards, it pretty much sounds like igpa atinla (pig latin) to the IT analyst.
Your security team doesn’t know about x. Your treasury doesn’t know about y. And your merchants don’t care about either. They just want to get paid. How do you bridge the gap and get your merchants to do the right thing? Come to this talk and learn:
How to create a cohesive relationship between Treasury and Security, starting from the top
What the benefits are to merchants
Beyond theory, see what this relationship looks like in practice at Harvard
3:00 Database security with Guardium
Vijaya Kommineni, Boston College
When it comes to database access monitoring and protection, is default security enough? We will review how the Boston College DBA and Security teams monitor access to our critical databases. We will discuss the tools we use and the policies and controls in place to protect the data.
3:45 Security certifications
Panel organizer: Dan Sarazen, The Boston Consortium
Panelists: Jamie John, Boston College; Christina Mazzone, (ISC)2; Larry Wilson, University of Massachusetts
We will conduct a round-table discussion of the various IT security certifications (CISA, CISM, CISSP, GIAC, etc.) covering the differences between organizations, as well as the certifications.