The higher education sector plays an important role in the cybersecurity of America. Through its core mission of teaching and learning, higher education is the main source of future leaders, innovators, and the technical workforce. Through research, higher education is the basic source of much of our new knowledge and future technologies. Colleges and universities also operate some of the world’s largest collections of computers and high-speed networks. This resource page provides information related to all aspects of cybersecurity for higher education, with an emphasis on strategies, policies, and other tools that will assist institutions of higher education to prevent, detect, and respond to vulnerabilities that threaten college and university computers and networks.
The Effective IT Security Practices and Solutions Guide is now available in wiki format. This resource provides practical approaches to preventing, detecting, and responding to security problems in a wide range of higher education environments. This online service is designed with colleges and universities in mind, balancing our need for security with the need for an open, collaborative networking environment. Also, because one of the overarching concerns in college and university information technology (IT) departments is a lack of resources, an effort is made to provide low-cost solutions. The target audiences are those responsible for information security in colleges and universities and information technology staff who implement and manage security measures. Recognizing that many institutions have initiated or are in the process of developing IT security programs and policies, an effort is made throughout this resource to present practices that are useful at each stage of the developmental process.
As a community-driven, community-serving project, it is important for this initiative to incorporate experiences and perspectives from many different institutions. To contribute examples of practices that have been effective in your institution, please contact :imedk1@yahoo.com
The IT Security EBK conceptualizes IT security skill requirements in a new way to address evolving IT security challenges. The EBK characterizes the IT security workforce and provides a national baseline representing the essential knowledge and skills that IT security practitioners should have to perform specific roles and responsibilities.
imedk1
The U.S. Department of Homeland Security (DHS) has published the IT Security Essential Body of Knowledge (EBK). A Glossary of Key Terms used in the EBK is also provided.
Brenda Oldfield
Director of Education, Training, and Workforce Development, Office of Cyber Security and Communications
National Cyber Security Division, U.S. Department of Homeland Security
Brenda Oldfield is responsible for cybersecurity workforce development through training, education, and professional development initiatives. In this capacity, she coordinates DHS partnerships with the National Security Agency for the National Centers of Academic Excellence in Information Assurance Education program and the NSF for the Federal Cyber Service: Scholarship for Service program.
Oldfield recently led the development of the IT Security Essential Body of Knowledge, which reflects a national skill baseline for IT security professionals. She functions as the work group leader for the role-based, specialized training component of the Federal Information Systems Security Line of Business and is an active member of the CIO Council’s IT Workforce Committee. Oldfield was recently appointed to the executive board of the Federal Information Systems Security Educators’ Association.
Previously she served in various government agencies as a technical training manager and a technology training manager, as a systems division training manager for a nationwide consulting firm, and as a high school business teacher. Oldfield earned a master’s in instructional design from Marymount University.