Cybersecurity Awareness Month – Recap of the Welcome to 2021 Orientation for Higher Ed Information Security and Privacy

By Nick Lewis, Program Manager, NET+ Cloud Services – Security and Identity

Estimated reading time: 4 minutes

It’s always great to hear from campuses about what they like about the community and how it has benefited them! The Welcome to 2021 Orientation for Higher Ed Information Security and Privacy panel talked about so many community resources that it was difficult to keep up with and we only talked about a couple of the options.

Many thanks to our panelists Mike Mays from University of Delaware, Ashley Valentijn from University of Illinois, Zarmeena Waseem from the National Cyber Security Alliance, Cheryl Washington from University of California, Davis for participating, Brian Kelly from EDUCAUSE, and Kim Milford from the REN-ISAC for co-hosting with me this great panel! 

We heard about many of the options and how having so many options can make it difficult for new and returning people to the community to find the group they’re interested in; so we’re following up with a listing of the resources along with the recording from the panel. In case you missed it, or would like to review it, check out the video.

Favorite Community Resources from Panelists

-Mike Mays from University of Delaware shared that his favorite community resource was the IAM listserv and the security listserv which are now hosted on the new EDUCAUSE Connect. He also relies on the Internet2 and InCommon Slack channels as well as InCommon/Internet2’s BaseCAMP in July.

-Ashley Valentijn from University of Illinois shared that her favorite resource was planning the EDUCAUSE Cybersecurity and Privacy Professionals Conference online. Getting involved with this conference, mentoring programs and community groups helps tackle tough situations.

-Zarmeena Waseem from the National Cyber Security Alliance shared her favorite resource was a combination of Slack channels, working groups and conferences so the cybersecurity community can help with validation on ideas.

-Cheryl Washington from University of California, Davis shared her favorite resource was participating in committees for REN-ISAC, Internet2 and EDUCAUSE. She also served as a faculty member for the EDUCAUSE Leadership Institute to teach and mentor others. Cheryl currently serves on the Board of Directors for EDUCAUSE. These communities shaped her thoughts, philosophy and understanding on creating cybersecurity programs while working in higher education.

“If there are individuals on your campus who are committed to working on security challenges or support your security strategy, they should be mentored and supported in their advocacy of cybersecurity. Serving as security ambassadors should also be part of the security team staffs’ responsibilities. Adding more people (ambassadors, staff, etc.) to our cause will help cybersecurity become part of the campus culture over time.”

Cheryl Washington, Chief Information Security Officer with the University of California, Davis

Comments and Resources from the Community

The panel also responded to a question from an attendee on the call who asked: 

“My main concern is being at a small college. We do not have the resources for a dedicated security person, and most of the responsibilities fall on me as the CIO. I wondered if I should contract out those services. I feel prepared but maybe my feelings are not sufficient!” 

The panel shared their thoughts, and one aspect from the discussion was that even the largest campuses rarely have enough resources and thus contract services out so they can try to manage everything. One of the resources shared around that question was the EDUCAUSE HEISC Budget-Conscious Information Security Resources.

EDUCAUSE, Internet2, and REN-ISAC have numerous opportunities and have webpage resources that list these great opportunities for community engagement and professional development. Kim, Brian, and I work together along with the teams at our organizations on cybersecurity and privacy in higher education as well as running programs for the community. These programs can be used by higher education institutions in securing their campuses and addressing privacy through engaging with the community. Here’s a quick rundown of the resources:

-EDUCAUSE has webpages that describe the Cybersecurity Program community and events opportunities where people can join constituent or working groups including the new EDUCAUSE Connect community platform. Ashley is the Program Committee Chair leading the program committee that will be engaging with the community in the call for proposals for the Cybersecurity and Privacy Professionals Conference for 2022. 

-Internet2 has several resources for the security community and opportunities for engagement. There will be additional blogs for Cybersecurity Awareness month with further details on Internet2 around the cybersecurity community engagement to be published throughout this month. 

-The REN-ISAC has opportunities for engagement via events, governance and advisory groups, and the Security Event System.

Closing

It was hard to get everything into one webinar and follow-up blog, so feel free to reach out to us if you have any questions or want to get involved! If you missed the live panel or want to listen to it again, we’ve posted the recording for you. We’re trying to get new people engaged in the community, so if you know someone new, please share this with them! There are working groups and many other ways for you to get involved in advancing information security and privacy across the community. We’d love to hear your thoughts around cybersecurity and privacy! Reflect on ways your own institution is enhancing security and privacy by tweeting @HEISCouncil, @Internet2, and @renisac and #BeCyberSmart or directly contacting and sharing how you participated in Cybersecurity Awareness Month.