The Diversity of Security Challenges in Higher Education
Now. What is it like? Every year you have a new batch of of students coming on board and they all want to connect to your network I mean what's the? What's the reality of that situation from a security point of view It is a lot of prep-work over the summertime, a lot of you know repair and refine and and. You know replace things that aren't doing well, and then when you know we get about two weeks out from classes starting. which this year is September second. So we're kind of in that zone right now. That's where we're making sure that everything is working. In it in. Its, optimum. Capacity and capability. Following that it's you know let's continue planning for whatever is going to happen next you know we the spring term winter spring term in in January this past year and nobody anticipated. Kobe I I'm not. You know I'm sure that there was an -ticipant because the the fun part of that is we actually did a pandemic tabletop exercise in the division of Information Technology, which is the central a unit on campus. We do that path the fall of twenty and eighteen. So we hit already kind of work through some of the. You know the communications challenges and the organizational challenges so when it came time to do. The transition from online or from in person courses to online courses, we were able to do that in very short time and that included transitioning thirty seven hundred core courses. From in person delivery to online delivery so that really served you well, I and it was the preparation time and it was the understanding. Of what we would need to do and it was also, you know checking those channels you know. I've done some business continuity work in my in my pass and a business continuity plan to just never exercise it's not a plan. It's a bunch of on paper so So we were able to walk through and validate that and that's the kind of work we do during the school year. And we take our you know kind of slowdown period so. Beginning summer you know everybody takes a deep breath and then we exhaling get back to work you know Sometime during the summer I like to encourage my my team to have a little bit of time off. But when September goes in and the students arrive we, we try to work really hard to get him through and then we take it the winter holidays. What what kinds of things are you and your team defending against who? Who's WHO's coming at your network? You know it's the usual array of Fred actors You know think about the things that research is doing. You know we're we're doing. A lot of research in the area of Koga right now, and it's just. Be We have the capability. We have the expertise we have the researchers at want to do that. But we also have school medicine in public health. We also have a school of Nursing School of Pharmacy. So healthcare education is important in that has just a treasure trove highly valuable. Information in it. But we do engineering work, and some of that work is is patentable work. So that's probably attractive We do a lot of business influenced work. we have data science institute which is trying to figure out the the better ways to understand. You know the the magic acronyms of a I in L.. Artificial intelligence. Machine. Learning. And and that's that's attractive information not only that forty four, thousand students twenty three, thousand staff that's a treasure trove of marketable information. You know I always wonder you know someone in a situation like yours where certainly you're going to have some students and I'm thinking of Oh I don't know folks in computer science and other sorts of places who were going to look at you know the the campus system or the university system as you know their own personal playground there that. you know they're gonNA WANNA, test their own skills against yours. I mean I is that an annual thing and and how do you? How do you? How do you not be adversarial? How do you support You know the educational aspects of of those students while still keeping things up and running what's your approach to those sorts of things? Well. So I we we are establishing some really good partnerships with with the Academy with the the the professors and researchers that are interested in studying the cybersecurity arts and sciences. we've had a relationship with the information school. is They're they're part of the College of letters and Sciences and now they're part of what's been amalgam is as the the School of Computing. Data. And Information Studies so CDs. In in in doing that, I, mean, the partnership is if it's data and if it's doing things if it's you know working or arresting or or if it's needing to be analyzed, we have people that are very much interested and so I've had my my department be intentional about establishing those greater relationships we have you know researchers doing anything from identity access. Management Research to data analytics to cybersecurity metrics and then we have others on campus that are doing great work in high throughput. Computing Great Work in in you know engineering the the next greatest you know computer technologies. In other side trips we had We have a researcher that is working on, Thomas Vehicle. Research you know and there's an awful lot of cyber in there too so. Having those kind of relationships is the the real multiplier here, and this is not unusual by the way for university. This is nothing super special. We're doing it's just that You know there's a, there's a lot of cybersecurity programs out there where there you know NSA certified Center for Academic Excellence. Certified and we're GONNA. Get there eventually. I believe But right now we're just supporting the researchers in the courses are being taught. Sue I myself have been a guest lecturer in a one of the business school courses. It has an information security course as part of its core. That's been fun. I enjoy doing. I did a little bit of that as an adjunct University part of my coming here.