A brief overview of some of the Governance Risk and Compliance teams operations focusing on the risk assignment process specifically ‘What happens when the risk is higher than normal?’ and job aids to help IT professionals with compliance to the University IT controls and Federal and State Regulatory requirements.
Tag: Larry Dunham
Third Party Risk Management at the University of Illinois
Tags: Joe Sebright, Josh Erenberg, Larry DunhamA successful information security program is built on the bedrock of risk management. One major area of digital risk comes from the University’s relationship with third parties. Digital risk management includes the identification and treatment of risk in information assets as well as allocation of resources necessary to treat risk. In this session, we will […]
Information Security
Tags: Chuck Geigner, Jeremy Watson, Larry Dunham, Taylor JuddOpen discussion on information security on our campus.
Year of Email
Tags: Josh Mickle, Larry Dunham, Taylor JuddEmail is one of the most-used tools at the university, a tool that was invented at a time when security was not a primary consideration for work processes. For that reason, today it is one of the most-used attack vectors to gain illicit access to information. Email can be used to deliver malware, to trick […]
Data Risk Decision-Making
Tags: Larry DunhamHow secure is secure enough? Universities work with more restricted data than the average organization. HIPAA, FERPA, GLBA, PCI, EAR, ITAR, PIPA all figure into the data decisions that affect business processes across the university. This presentation discusses a risk-based approach to making those decisions.
Classy Data Management
Tags: Larry DunhamThe University is charged with storing all sorts of data, some of which has special handling requirements based on legal, regulatory and/or policy requirements. This session is designed to be a primer on understanding the basic types, and how the requirements could affect projects.
Scanning, Two-Factor, and Exposure – Security Tools
Tags: Larry Dunham, Steve GatsesAn introduction to new security tools offered by The Office of Privacy and Information Assurance, with a particular focus on vulnerability assessment, identifying your network’s exposure to the internet, and two-factor authentication.