Your SlideShare is downloading. ×
CyberBullying Security PowerPoint
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

CyberBullying Security PowerPoint


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. An Introductory Slide Show
  • 2. Vision • Active learning community – Students & teachers collaboratively exploring, sharing, and communicating with each other and the community. • Smooth operations – Administrative, business, and reporting functions run smoothly. • Public support – People know that kids are safe and schools are fulfilling their mission. 2
  • 3. Cyber Security: Growing Concern • Student breaks into system: changes grades & taps into file of SSI numbers. Parents urged to contact credit bureaus. • Devastating virus enters system via laptop infected at teacher’s home over weekend. • Blended attacks hit multiple vulnerabilities, requiring every computer to be individually taken off line and cleaned – multiple times. • School Network “hijacked” and used as base for attacks on other locations. 3
  • 4. What’s At Risk • Student & Staff Safety • Ability to Function • Public Support & Legitimacy • Liability • It’s not a question of “if” – but of “when and how bad!” – 2,000 to 3,000 programs are running over the Internet at all times looking for security holes! – The problem is serious and will not go away on its own. 4
  • 5. Security Incidents and Vulnerabilities compiled by CERT®/CC* through Jan 22, 2004 160,000 4500 140,000 4000 3500 120,000 Incidents 3000 100,000 Vulnerablities 2500 80,000 2000 60,000 1500 40,000 1000 20,000 500 0 0 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 * Computer Emergency Response Team/Coordination Center For more info see 5
  • 6. Attack Sophistication v. Intruder Knowledge Source: 6
  • 7. Statistics: Private Sector Survey – 82% reported virus and worm attacks in last 12 months. – 42% endured denial of service attacks – 36% detected network penetrations (30% required law enforcement involvement) – 80% of respondents reported insider abuse of network access Source: 2003 “Computer Crime and Security Survey” - Computer Security Institute/FBI 7
  • 8. Schools are Vulnerable … • Ad hoc growth of educational IT systems creates a mixed environment that is harder to manage or secure. • District IT departments are often under staffed, over stressed, under funded, and under trained. • Increased requirements for central data collections for reporting, accountability, and planning. • More use of IT in general for administrative, professional, and teaching-learning purposes. 8
  • 9. Technology trends increase risk! • Always-on broadband or DSL. • Wireless and power-line transmission. • WIFI networks. • Outsourcing of data services and storage. • Peer-to-Peer sharing. • Take-home laptops, PDAs, and memory devices. 9
  • 10. A Wake Up Call • Reality Check: • There is no perfect or one-time solution to security • Realistic Goal: • Risk reduction & crisis recovery – Requires constant attention, regular review 10
  • 11. What is security? NEGATIVE: “Nothing bad happens” POSITIVE: “Everything goes well” BOTTOM LINE: Good S.O.P.* Security is a social as well as a technical process, the by-product of a community of trust created by having appropriate systems properly set up to support stakeholders’ evolving needs and good operating procedures appropriately implemented in a context of respectful interaction with and valued service to all stakeholders. * Standard Operating Procedures 11
  • 12. How To Fulfill Your Role as Education Leaders and Concerned Citizens • Understand the risks. • Make it a priority. • Accept that it is a process. • Assume that something will go wrong. • Understand the 3 components: – People: • You need to create a community of trust! – Policy • To reduce the risks while preparing for problems – Technology • Having the right tools to implement the policies 12
  • 13. Getting Started Begin: Authorize & Support • Set up a team – Make it a priority; – Involve different stakeholder groups Create a Plan & Take Action • Security & crisis management – Evaluate your current status – Take emergency steps – Get users involved! Communicate! – With all stakeholders; often! 13
  • 14. The Cyber Security Protocol – 1 Set goals for Information Security Affirm – What IT tools, data, and services do IT’s role stakeholders need to meet educational & value goals? What are the values that will guide your security decision-making? Identify Performance – How do you & users know when you are Metrics succeeding? What is the desired balance between “locking everything down” and fostering a creative learning environment? 14
  • 15. The Cyber Security Protocol - 2 Assess Risk for IT Assets Conduct Asset Inventory • Prioritize by value to the organization or Select most crucial damage inflicted if taken out of service, assets to protect disclosed, or changed. Assess Vulnerabilities & Threats Evaluate System • Physical Environment, Access Points, Components Internal Systems & Usage Patterns, Data, External Connections & Partners, Policies, People (staff adequacy & user behaviors) Prioritize Test current defenses security gaps • Internal and external attacks • Review policies & operations 15 • Evaluate architecture
  • 16. The Cyber Security Protocol - 3 Build and Implement Security Plan Research best practice methods of dealing with each security gap. Keep security • Prioritize by potential damage, likelihood, cost, plan realistic required time, level of possible improvement, public perception. Create and implement Action Plan Keep • Assign responsibilities, set deadlines, provide focused training and budget. • Test and retest and retest again. Revise Operating Procedures Steady • Regularly repeat step 3. 16 Improvement
  • 17. The Cyber Security Protocol - 4 Crisis Management Brainstorm crisis scenarios • Sign up for alerts. • Ask students! Develop Response Plan • to limit damage, work through recovery phase, and communicate with stakeholders. • Install as much redundancy as possible. Ensure Readiness • Test everything with simulated emergencies. • Practice again! • Incorporate lessons in revised S.O.P. 17
  • 18. Consortium for School Networking These materials made possible through the generous support of education grants from: SonicWall, Symantec, SurfControl, & the U.S. Department of Education. • in collaboration with the Northwest Regional Education Laboratory (NWREL) – Additional support from Sun Microsystems, Microsoft Corporation, BellSouth Foundation, and a media partnership with District Administration; 18
  • 19. Consortium for School Networking • CoSN’s mission is to advance the K-12 education community’s capacity to effectively use technology to improve learning through advocacy, policy and leadership development • The Cyber Security project is done in partnership with: Mass Networks Education Partnership 19
  • 20. Consortium for School Networking For More Information: 20