CyberBullying Security PowerPoint


Published on

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

CyberBullying Security PowerPoint

  1. 1. An Introductory Slide Show
  2. 2. Vision • Active learning community – Students & teachers collaboratively exploring, sharing, and communicating with each other and the community. • Smooth operations – Administrative, business, and reporting functions run smoothly. • Public support – People know that kids are safe and schools are fulfilling their mission. 2
  3. 3. Cyber Security: Growing Concern • Student breaks into system: changes grades & taps into file of SSI numbers. Parents urged to contact credit bureaus. • Devastating virus enters system via laptop infected at teacher’s home over weekend. • Blended attacks hit multiple vulnerabilities, requiring every computer to be individually taken off line and cleaned – multiple times. • School Network “hijacked” and used as base for attacks on other locations. 3
  4. 4. What’s At Risk • Student & Staff Safety • Ability to Function • Public Support & Legitimacy • Liability • It’s not a question of “if” – but of “when and how bad!” – 2,000 to 3,000 programs are running over the Internet at all times looking for security holes! – The problem is serious and will not go away on its own. 4
  5. 5. Security Incidents and Vulnerabilities compiled by CERT®/CC* through Jan 22, 2004 160,000 4500 140,000 4000 3500 120,000 Incidents 3000 100,000 Vulnerablities 2500 80,000 2000 60,000 1500 40,000 1000 20,000 500 0 0 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 * Computer Emergency Response Team/Coordination Center For more info see 5
  6. 6. Attack Sophistication v. Intruder Knowledge Source: 6
  7. 7. Statistics: Private Sector Survey – 82% reported virus and worm attacks in last 12 months. – 42% endured denial of service attacks – 36% detected network penetrations (30% required law enforcement involvement) – 80% of respondents reported insider abuse of network access Source: 2003 “Computer Crime and Security Survey” - Computer Security Institute/FBI 7
  8. 8. Schools are Vulnerable … • Ad hoc growth of educational IT systems creates a mixed environment that is harder to manage or secure. • District IT departments are often under staffed, over stressed, under funded, and under trained. • Increased requirements for central data collections for reporting, accountability, and planning. • More use of IT in general for administrative, professional, and teaching-learning purposes. 8
  9. 9. Technology trends increase risk! • Always-on broadband or DSL. • Wireless and power-line transmission. • WIFI networks. • Outsourcing of data services and storage. • Peer-to-Peer sharing. • Take-home laptops, PDAs, and memory devices. 9
  10. 10. A Wake Up Call • Reality Check: • There is no perfect or one-time solution to security • Realistic Goal: • Risk reduction & crisis recovery – Requires constant attention, regular review 10
  11. 11. What is security? NEGATIVE: “Nothing bad happens” POSITIVE: “Everything goes well” BOTTOM LINE: Good S.O.P.* Security is a social as well as a technical process, the by-product of a community of trust created by having appropriate systems properly set up to support stakeholders’ evolving needs and good operating procedures appropriately implemented in a context of respectful interaction with and valued service to all stakeholders. * Standard Operating Procedures 11
  12. 12. How To Fulfill Your Role as Education Leaders and Concerned Citizens • Understand the risks. • Make it a priority. • Accept that it is a process. • Assume that something will go wrong. • Understand the 3 components: – People: • You need to create a community of trust! – Policy • To reduce the risks while preparing for problems – Technology • Having the right tools to implement the policies 12
  13. 13. Getting Started Begin: Authorize & Support • Set up a team – Make it a priority; – Involve different stakeholder groups Create a Plan & Take Action • Security & crisis management – Evaluate your current status – Take emergency steps – Get users involved! Communicate! – With all stakeholders; often! 13
  14. 14. The Cyber Security Protocol – 1 Set goals for Information Security Affirm – What IT tools, data, and services do IT’s role stakeholders need to meet educational & value goals? What are the values that will guide your security decision-making? Identify Performance – How do you & users know when you are Metrics succeeding? What is the desired balance between “locking everything down” and fostering a creative learning environment? 14
  15. 15. The Cyber Security Protocol - 2 Assess Risk for IT Assets Conduct Asset Inventory • Prioritize by value to the organization or Select most crucial damage inflicted if taken out of service, assets to protect disclosed, or changed. Assess Vulnerabilities & Threats Evaluate System • Physical Environment, Access Points, Components Internal Systems & Usage Patterns, Data, External Connections & Partners, Policies, People (staff adequacy & user behaviors) Prioritize Test current defenses security gaps • Internal and external attacks • Review policies & operations 15 • Evaluate architecture
  16. 16. The Cyber Security Protocol - 3 Build and Implement Security Plan Research best practice methods of dealing with each security gap. Keep security • Prioritize by potential damage, likelihood, cost, plan realistic required time, level of possible improvement, public perception. Create and implement Action Plan Keep • Assign responsibilities, set deadlines, provide focused training and budget. • Test and retest and retest again. Revise Operating Procedures Steady • Regularly repeat step 3. 16 Improvement
  17. 17. The Cyber Security Protocol - 4 Crisis Management Brainstorm crisis scenarios • Sign up for alerts. • Ask students! Develop Response Plan • to limit damage, work through recovery phase, and communicate with stakeholders. • Install as much redundancy as possible. Ensure Readiness • Test everything with simulated emergencies. • Practice again! • Incorporate lessons in revised S.O.P. 17
  18. 18. Consortium for School Networking These materials made possible through the generous support of education grants from: SonicWall, Symantec, SurfControl, & the U.S. Department of Education. • in collaboration with the Northwest Regional Education Laboratory (NWREL) – Additional support from Sun Microsystems, Microsoft Corporation, BellSouth Foundation, and a media partnership with District Administration; 18
  19. 19. Consortium for School Networking • CoSN’s mission is to advance the K-12 education community’s capacity to effectively use technology to improve learning through advocacy, policy and leadership development • The Cyber Security project is done in partnership with: Mass Networks Education Partnership 19
  20. 20. Consortium for School Networking For More Information: 20