UT InfoSec Conference

Transcript

1. UT InfoSec Conference Helen Mohrmann, CISO October 16, 2019

2. Why you matter … 2

3. Current InfoSec Activities Sponsored by UT System ▪ Intrusion Detection

   System (IDS) provided by UT Austin under contract to UT System ▪ Packet broker placed at each institution ▪ Review of campus traffic in addition to the WAN traffic ▪ New ‘Risk Report’ to Institutional Audit committees ▪ Eighteen categories of risk ▪ Educate external Audit committee members ▪ Provide a consolidated view to the Board of Regents Audit, Compliance, and Risk Management Committee (ACRM) at the November meeting 3

4. Current InfoSec Activities Sponsored by UT System ▪ Network Security

   Assessment ▪ Third party study finished late spring ▪ Funding request to the Board under review ▪ Incident Response (IR) Health Checks ▪ Review each institution’s IR plan ▪ Conduct table top exercise ▪ Get to know the IR vendor, Sylint 4

5. Security Sustainability Study ▪ Since 2009, the Board has provided

   $63M for information security related improvements ▪ LERR requests for technology upgrades have increased ▪ Security related expenditures cross institutional budgets: central IT, information security, distributed IT 5

6. Security Sustainability Study ▪ Assess current security posture compared to

   a reference standard ▪ Collect information about current spending levels, funding strategies ▪ Tools ▪ Number and compensation of certain types of staff ▪ Hardware upgrade cycle plans and costs ▪ Review the findings and recommendations with institutional senior leadership and the Board 6

7. Security Sustainability Study ▪ Proposal evaluation committee: ▪ Rick Anderson,

   EVP Finance & Administration, UTRGV ▪ Todd Leach, Chief Information Officer, UTMB ▪ Kevin Kjosa, Chief Information Security Officer, UTSA ▪ Bob Shaffer, Chief Information Security Officer, UTMB ▪ Nick Long, Assistant Vice Chancellor, Budget & Planning, U. T. System Administration ▪ An Advisory Committee will be formed of Business Officers, CIOs, CISOs ▪ Each institution will be asked to appoint someone to be the overall coordinator at your institution for the study 7

8. Supporting and protecting $3B in research at UT institutions ▪

   The National Science Foundation (NSF) is sponsoring workshops to teach security professionals talk to researchers ▪ State sponsored theft is not the only challenge ▪ Privacy for Tigers project 8

9. 9

10. 10

11. 11

12. 12 Logs?!

13. Thank you for everything you do! 13