National Cyber Security Awareness Month
The University System of Georgia - Office of Information Security, brings you National Cyber Security Awareness Month (NCSAM) in October 2009.
National Cyber Security Awareness Month is a national campaign designed to increase the public's awareness of cyber security and crime issues, so that users can take precaution to avoid these threats on the Internet. The month will feature public relations activities, educational programs, events and initiatives throughout October that targets home users, small businesses, education audiences (K-12 and higher education), and child safety online.
Overview
The University System of Georgia - Office of Information Security will provide an annual security & electronic privacy conference on methods and practices for safe computing, information security and electronic privacy. Our audience is diverse in their knowledge of computing including everyone from experts in the field to the novice who wants to learn more on how to keep their computer and sensitive information more secure. The slogan for this year's event is "building a culture of awareness and preparedness."
The 2009 Cyber Security Awareness Month activities will be posted on September 18th, 2009.
Following is the list of activities offered by the USG Office of Information Security during the Cyber Security Month in 2009.
Events
USG National Cyber Security Awareness Month - 2009 Events 
USG InfoSec WIMBA Classroom Connection Instructions
| WIMBA PRESENTATIONS | |||||||
|---|---|---|---|---|---|---|---|
| DATE | SESSION | Estimated Time of Presentation (EST) | USO-LOCATION | ATHENS-LOCATION | PRESENTER | ABSTRACT | GIVE AWAY |
| 30-Sep | Proclamation by Chancellor - System-Wide Webcast | 11:15-11:45 | WebCast | Presentation Room - 112 | Chancellor & Stanton Gatewood | The Chancellor of the University System of Georgia will sign an proclamation for USG National Cyber Security Awareness Month - 2009 | |
| 1-Oct |
What is Sensitive Data?
|
11:15-11:45 | 6059 | 160* | Kimberly Ballard-Washington & Stanton Gatewood | USG Legal Affairs & USG InfoSec will discuss the question, "what is sensitive data?" and what makes it "sensitive?" | |
| 1-Oct |
WEBCAST - Transparent Data Encryption: New Technologies and Best Practices for Database Encryption
|
Follow Link | Webcast | Webcast | Barbara Filkins, Jim Hietala, and Roxana Bradescu | ||
| 2-Oct |
Legal Terms
|
9:00-9:30 | 6059 | 160* | Kimberly Ballard-Washington & Stanton Gatewood | USG Legal Affairs and USG InfoSec will discuss IT/IS legal terminology and definitions all IT and/or security personnel should know. | |
| 2-Oct | IT/IS Laws and Regulations | 10:00-10:45 | 6059 | 160* | Kimberly Ballard-Washington & Stanton Gatewood | ||
| 5-Oct | Rest Secured - Encryption | 11:00-11:45 | 6059 | 160* | Steven Jeanselme, SE Enterprise Account Manager | PGP encryption solutions secure data at rest and in motion. | TSA Approved Laptop Bag & Digital Picture Frame |
| 6-Oct |
The Direction of Information Security & Electronic Privacy at the USG.
|
11:00-11:45 | 6059 | 160* | Stanton Gatewood | "If security is a journey and not a destination! Where are headed and are we there yet?". USG InfoSec will discuss the USG Strategic Security Roadmap and building a Strategic Information Security Program.
Theme: "...building a culture of awareness and preparedness..." |
|
| 7-Oct |
WEBCAST - Finding the Root Cause of Any Security Alert - Fast
|
Follow Link | WEBCAST | WEBCAST | Matt Dieckman and Joe Levy | ||
| 7-Oct |
USG IT/IS Policy Development Workshop
|
11:00-11:45 | 6059 | 160* | Stanton Gatewood & Kimberly Ballard-Washington | How does an information security (IS) or information technology (IT) policy get developed and approved? USG InfoSec along with USG Legal Affairs will walkthrough what is a policy, a standard and a guideline, also discuss the policy development process/flow. | |
| 8-Oct |
WEBCAST - IT Audit for the Virtual Environment
|
Follow Link | WEBCAST | WEBCAST | J. Michael Butler, Rob Vandenbrink, & Charu Chaubal | ||
| 8-Oct |
USG IT/IS Policy Development Workshop
|
9:00-10:00 | 6059 | 160* | Stan Gatewood & Kimberly Ballard-Washington | ||
| 8-Oct |
WEBCAST - IT Audit for the Virtual Environment
|
Follow Link | WEBCAST | WEBCAST | J. Michael Butler, Rob Vandenbrink, & Charu Chaubal | ||
| 9-Oct | UGA Information Security - Risk Management | 11:00-11:45 | 6059 | 160* | Brian Rivers (Director, University Information Security, UGA) & Stanton Gatewood | This presentation will focus on the implementation of efficient risk management methods and tools that can help reduce the overhead of this process on your organization. | |
| 12-Oct | Building a vulnerability management program starting with the basics. | 11:00-11:45 | 6059 | 160* | Walter Ray, Director of Security Administration / CISO - MCG | This presentation will focus on building effective business processes in support of vulnerability management. Walter will explain why choosing a vulnerability scanner is the least difficult part of vulnerability management and why infosec managers should focus more on effective business processes that enable the discovery and remediation of security vulnerabilities. | |
| 13-Oct |
"Your laptop is lost - now what?"
|
11:00-12:00 | 7059 | 160* | Bill Hunka - Absolute Software, Director, Business Development- & Stanton Gatewood | Discussion of layered approach to client security for the public sector across State & Local Government, Higher Education, and K-12 environments. Visibility into trends, major statistics, and a demonstration of Absolute Software's Computrace service platform for theft recovery, data deletion, and secure asset tracking. | Netbook Computer |
| 14-Oct | NONE SCHEDULED | ||||||
| 15-Oct | NONE SCHEDULED | ||||||
| 16-Oct | NONE SCHEDULED | ||||||
| 19-Oct |
Continuity of Operations Workshop (Intro to GTA-LDRPS)
|
Available online via WIMBA anytime | 6059 | 160* | Jack Welch - GTA & Stanton Gatewood | How do you build a successful continuity of operations plan and what are the major components. | |
| 20-Oct | Vista Learning and Security Courses | 11:00-11:30 | 6059 | 160* | Ginger Durham, Project Manager for Instructional Development | Vista 8 is increasingly being used to offer online instruction to include statewide training efforts. The basaic interface and its capabilities will be addressed in the presentation. | |
| 21-Oct |
eCompliantz, LLC, HITECH Act and State Breach Laws - The Financial Nightmare |
11:00-11:45 | 6059 | 160* | Dr Steven Cummings, CISA, CISSP, CHSP, BCP, NSA - InfoSec | Congress has passed the most far reaching and punitive legislation in many years to coincide with the move to Electronic Medical Records. With a fine of $50,000 per compromised record plus penalties assessed for state breach law violations plus the potential loss of research grants for compliance violations, the financial impact could be enormous. Enforcement teams are well funded by TARP funds with "whistle blowers" receiving 10% of the assessed fines, so the likelihood of being reported and audited is high. Targets of enforcement are not only institutions but also managers responsible for PII. We will address the major components in this regulation, how to maintain compliance and what defense you employ if reported and audited. | |
| 21-Oct |
WEBCAST - Automated Malware Threat Analysis: Getting actionable intelligence on attacks effectively and efficiently
|
Follow Link | WEBCAST | WEBCAST | Chad Loeven and Brian Jack | ||
| 22-Oct |
Proactive Application Security
|
11:00-11:45 | 6059 | 160* | Mark Reardon - GTA-CISO and Senior Technology Planning Officer | How the State of Georgia is integrating information security into its overall IT governance framework for managing the state's IT investment and risk portfolio. | |
| 23-Oct |
IronKey, The World's most Secure Flash Drive with Identity Protection Services
|
11:00-12:00 | 6059 | 160* | Steve Gehris, Eastern Region Channel Sales Mgr. Bill Abroms
Graduate from Northeastern University's College of Criminal Justice 1976. Started ABCUS Inc in June 1987. One of the first VAR's to outsource IT consultants and sales engineers to support product mix. Started working with Portable Forensic Data collection products in 1997 to present. Combined product mix with emphasis on securing the work-place with, Secure USB Flash Drives, Virtual Desktop, Intrusion Prevention, Blu-Ray and Email archiving, using proven technologies. |
Independent research indicates that a key security risk, that might be overlooked a most organization, is the protection of Mobile Data. At a minimum, removable media should be addressed in the Corproate Security Policy. By standardizing and enforcing a policy of using password protected encrypted flash drives, you will insure that any data that leaves your premises on a USB Drive will be secure. Once that policy decisiion is made, considerations must be given on how to Centrally Manage those devices to ensureproper security protocols and policies are followed. ironKey's Enterprise Product will allow you to do precisely this. IronKey is recognized as the "World's Most Secure Flash Drive, by Government Computer News, Computer World, SC magazine and many other independent organizations. | IronKeys - Assorted sizes |
| 26-Oct |
Payment Card Industry Data Security Standard (PCI-DSS) and Payment Applications Data Security Standard (PA-DSS)
|
11:00-11:45 | 6041 | 160* | Murray Montgomery, Jr., CPP Womple, LLC & Stanton Gatewood | Womple, LLC will discuss the ins/outs of Payment Card Industry and Payment Application Data Security standards. | |
| 27-Oct |
Emergency Operations Planning
|
11:00-11:45 | 6041 | 160* | Bruce Holmes, Chief of Police, Director Safety & Security, Board of Regents | Overview of the USG emergency planning, preparedness, recovery and mitigation efforts, requirements for successful plans. | |
| 29-Oct |
SANS - Top Cyber Security Risks-Special Report |
10:00-11:30 | 6041 | 160* | Rob Lee, SANS Certified Instructor | Two risks dwarf all others, but organizations fail to mitigate them. The Top Cyber Security Risks features attack data from TippingPoint intrusion prevention systems protecting 6,000 organizations, vulnerability data from 9,000,000 systems compiled by Qualys, and additional analysis and tutorial by the Internet Storm Center and key SANS faculty members. See the full report online at (http://www.sans.org/top-cyber-security-risks/), but don't miss this summary presentation by Rob Lee as he walks you through the report and its importance. | SANS T-Shirts & Free SANS on demand security class |
| 30-Oct |
Information Security Program Reporting (Governor's Executive Order)
|
11:00-11:45 | 6041 | 160* | Walter Tong (GTA-Director, Enterprise Information Security) & Stanton Gatewood | "The Road to Security Reporting" - a discussion of the history behind the state requirement for agency information security reporting and subsequent steps towards IT security maturity as it relates to the maturity of enterprise IT. | |
Resources
"Building an Information Technology Security Awareness and Training Program," National Institute of Standards and Technology Special Publication 800-50, Oct. 14, 2003
"Developing Security Education and Awareness Programs" by Shirley Payne
National Cyber Security Awareness Month - 2009 resources:
The University System - Office of Information Security (OIS) web site contains links to other sites that are not owned or controlled by us. The information provided at these sites does not reflect the views of this Office or indicate an endorsement of a particular company or product. Please be aware that our Office is not responsible for the security and privacy practices of such other sites.