On the Campus Network: Cybersecurity for Research & Defense in Depth
Time 05/07/18 10:30AM-11:45AM
Room Pacific 16-17
Session Abstract
Two talks on this topic will be presented during this session:
- "Cybersecurity for Research on Campus: Not Just HIPAA & FISMA" (Basney): “Research” is diverse and that diversity is reflected in its needs for information security. While the needs for some research are clear - e.g. research driven by regulated data - the security needs of other research are less clear. This session will provide an ontology of the spectrum of research from a security perspective, how to categorize it, and how to start assessing and managing risk. It will cover research with regulated data as well as research with less well-defined needs such as “open science”, illustrating each case through tabletop exercises.
- "'Defense-In-Depth': 2017 edition" (Borinski): What defines Defense-in-Depth in the modern era? Next-generation firewalls/endpoint/IDS? Policy, process and metrics? The Cloud, SaaS and MSSP? What about Open Source solutions? Or Red Teams and threat hunting? What's the answer? (spoiler: "All of the Above") This talk will include a brief retrospective of the last ~30 years of Network Security, including the presenters' experience with early InfoSec methods and in securing sensitive-data environments in a large, distributed campus environment. The session will discuss modern Defense-in-Depth, why this practice still matters, and the practical applications of leveraging and integrating threat intel into monitoring and detection systems and automating response and mitigation activities. The presenters will discuss the differences, strengths and weaknesses of both MSSP and Open Source threat detection platforms, as well as how both models can work together to provide superior visibility of advanced threat actors, sharing lessons from recent experience deploying both Open Source and commercial systems for campus-wide network threat detection. The session will also discuss the use of zero-day threat detection systems, network and email-based sandboxing, NGFWs, RPZ firewalls, and automated response as further defense-in-depth approaches.
Speakers
Speaker James Basney University of Illinois - Urbana-Champaign
Speaker Jason Borinski University of California - San Diego
Speaker Anurag Shankar Indiana University
Speaker Cooper Nelson University of California - San Diego
Presentation Media

Speaker Jim Basney National Center for Supercomputing Applications
Speaker Anurag Shankar Indiana University
Primary track Trust, Identity, and Security