Your SlideShare is downloading. ×
CyberBullying Security PowerPoint
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

CyberBullying Security PowerPoint

670
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
670
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. An Introductory Slide Show
  • 2. Vision • Active learning community – Students & teachers collaboratively exploring, sharing, and communicating with each other and the community. • Smooth operations – Administrative, business, and reporting functions run smoothly. • Public support – People know that kids are safe and schools are fulfilling their mission. 2
  • 3. Cyber Security: Growing Concern • Student breaks into system: changes grades & taps into file of SSI numbers. Parents urged to contact credit bureaus. • Devastating virus enters system via laptop infected at teacher’s home over weekend. • Blended attacks hit multiple vulnerabilities, requiring every computer to be individually taken off line and cleaned – multiple times. • School Network “hijacked” and used as base for attacks on other locations. 3
  • 4. What’s At Risk • Student & Staff Safety • Ability to Function • Public Support & Legitimacy • Liability • It’s not a question of “if” – but of “when and how bad!” – 2,000 to 3,000 programs are running over the Internet at all times looking for security holes! – The problem is serious and will not go away on its own. 4
  • 5. Security Incidents and Vulnerabilities compiled by CERT®/CC* through Jan 22, 2004 160,000 4500 140,000 4000 3500 120,000 Incidents 3000 100,000 Vulnerablities 2500 80,000 2000 60,000 1500 40,000 1000 20,000 500 0 0 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 * Computer Emergency Response Team/Coordination Center For more info see www.cert.org 5
  • 6. Attack Sophistication v. Intruder Knowledge Source: www.cert.org 6
  • 7. Statistics: Private Sector Survey – 82% reported virus and worm attacks in last 12 months. – 42% endured denial of service attacks – 36% detected network penetrations (30% required law enforcement involvement) – 80% of respondents reported insider abuse of network access Source: 2003 “Computer Crime and Security Survey” - Computer Security Institute/FBI 7
  • 8. Schools are Vulnerable … • Ad hoc growth of educational IT systems creates a mixed environment that is harder to manage or secure. • District IT departments are often under staffed, over stressed, under funded, and under trained. • Increased requirements for central data collections for reporting, accountability, and planning. • More use of IT in general for administrative, professional, and teaching-learning purposes. 8
  • 9. Technology trends increase risk! • Always-on broadband or DSL. • Wireless and power-line transmission. • WIFI networks. • Outsourcing of data services and storage. • Peer-to-Peer sharing. • Take-home laptops, PDAs, and memory devices. 9
  • 10. A Wake Up Call • Reality Check: • There is no perfect or one-time solution to security • Realistic Goal: • Risk reduction & crisis recovery – Requires constant attention, regular review 10
  • 11. What is security? NEGATIVE: “Nothing bad happens” POSITIVE: “Everything goes well” BOTTOM LINE: Good S.O.P.* Security is a social as well as a technical process, the by-product of a community of trust created by having appropriate systems properly set up to support stakeholders’ evolving needs and good operating procedures appropriately implemented in a context of respectful interaction with and valued service to all stakeholders. * Standard Operating Procedures 11
  • 12. How To Fulfill Your Role as Education Leaders and Concerned Citizens • Understand the risks. • Make it a priority. • Accept that it is a process. • Assume that something will go wrong. • Understand the 3 components: – People: • You need to create a community of trust! – Policy • To reduce the risks while preparing for problems – Technology • Having the right tools to implement the policies 12
  • 13. Getting Started Begin: Authorize & Support • Set up a team – Make it a priority; – Involve different stakeholder groups Create a Plan & Take Action • Security & crisis management – Evaluate your current status – Take emergency steps – Get users involved! Communicate! – With all stakeholders; often! 13
  • 14. The Cyber Security Protocol – 1 Set goals for Information Security Affirm – What IT tools, data, and services do IT’s role stakeholders need to meet educational & value goals? What are the values that will guide your security decision-making? Identify Performance – How do you & users know when you are Metrics succeeding? What is the desired balance between “locking everything down” and fostering a creative learning environment? 14
  • 15. The Cyber Security Protocol - 2 Assess Risk for IT Assets Conduct Asset Inventory • Prioritize by value to the organization or Select most crucial damage inflicted if taken out of service, assets to protect disclosed, or changed. Assess Vulnerabilities & Threats Evaluate System • Physical Environment, Access Points, Components Internal Systems & Usage Patterns, Data, External Connections & Partners, Policies, People (staff adequacy & user behaviors) Prioritize Test current defenses security gaps • Internal and external attacks • Review policies & operations 15 • Evaluate architecture
  • 16. The Cyber Security Protocol - 3 Build and Implement Security Plan Research best practice methods of dealing with each security gap. Keep security • Prioritize by potential damage, likelihood, cost, plan realistic required time, level of possible improvement, public perception. Create and implement Action Plan Keep • Assign responsibilities, set deadlines, provide focused training and budget. • Test and retest and retest again. Revise Operating Procedures Steady • Regularly repeat step 3. 16 Improvement
  • 17. The Cyber Security Protocol - 4 Crisis Management Brainstorm crisis scenarios • Sign up for alerts. • Ask students! Develop Response Plan • to limit damage, work through recovery phase, and communicate with stakeholders. • Install as much redundancy as possible. Ensure Readiness • Test everything with simulated emergencies. • Practice again! • Incorporate lessons in revised S.O.P. 17
  • 18. Consortium for School Networking These materials made possible through the generous support of education grants from: SonicWall, Symantec, SurfControl, & the U.S. Department of Education. • in collaboration with the Northwest Regional Education Laboratory (NWREL) – Additional support from Sun Microsystems, Microsoft Corporation, BellSouth Foundation, and a media partnership with District Administration; 18
  • 19. Consortium for School Networking • CoSN’s mission is to advance the K-12 education community’s capacity to effectively use technology to improve learning through advocacy, policy and leadership development www.cosn.org • The Cyber Security project is done in partnership with: Mass Networks Education Partnership www.massnetworks.org 19
  • 20. Consortium for School Networking For More Information: http://securedistrict.cosn.org 20