Skip to main content

Secondary navigation:

2014 Agenda

 8:30   Doors Open, Continental Breakfast, Registration

 9:00   Introduction & Welcome, David Escalante & Michael Bourque, Boston College

 9:15   Direct-Deposit Phishing Attacks in Higher Education

Quinn Shamblin, Boston University

There has been a spate of these attacks since mid-2013.  The threat will be outlined, together with the circumstances surrounding the Boston University event and corrective actions.

10:00   Coffee Break

10:15  DLP -- How a Lot of Effort Can Potentially Save You a Lot of Money

Joel Rosenblatt, Columbia University

DLP or Data Loss Prevention is the art of keeping sensitive information from leaking out of your organization, either by accidental exposure (I didn't know that putting the payroll file on the Web was bad) or through hacking. In either case, there are laws in place in most states that impose strict regulations on this and can potentially cost your school a lot of money. This talk will present some of the programs and policies that Columbia University has put in place to try and reduce our exposure to data loss.

11:00   The Cyber Threat Landscape in Education

Renault Ross, Symantec

This presentation will describe the growing epidemic of Cyber Threats targeting higher education.  These threats include the widespread chronic problems of spam, malware, APT’s, phishing, hacktivists and watering hole attacks.

An industry best practice to reduce the risk of breaches and attacks will be discussed, including Security Program methodologies and technical controls.

11:45   Database Protection Software

Patrick Cain, Cooper-Cain; Vijaya Kommineni‎, Boston College

Boston College has been evaluating products in this space. The presentation will describe what the products do, what to look for in terms of requirements, and BC's experiences in running a proof of concept/bakeoff of some of the products.

 12:30   Lunch

 1:30   Higher Education and National Security: The targeting of US students traveling abroad

Carmine Nigro, Special Agent, FBI Boston

Glenn Duffie Shriver was a student fulfilling his dream of a year abroad in Shanghai when he was befriended by three Chinese Intelligence officers.  What first seemed like an innocent offer of friendship and a scholarship resulted in a life-altering event.

 2:15   Husky Hunt: Social Media Driven Gaming to Engage Students in Security Awareness

Jason Pufahl, University of Connecticut

Delivering student security awareness training that's meaningful, interactive, fun, and repeatable.

 3:00   Break

 3:15  Choosing a Cloud Security Architecture
David Millar, Boston College

Different IaaS vendors provide different capabilties in terms of baked-in security. Security can also be layered on top of their offerings. This talk will cover several models for doing security "in the cloud" and provide an overview of the security offering of several popular IaaS providers.

 4:00  Using BRO (panel)
Nathan Hall, Boston College; Paul Nash, Tufts

The BRO network security monitor is a free tool that combines elements of netflow, IDS, and URL monitoring, among other capabilities. This panel will have schools that have implemented BRO discuss the tool and how they're using it. (

 4:45   End