Information security at University of East London:
The benefits (and pitfalls) of a framework approach
Craig Clark - Information Security and Compliance Manager
11/11/2016 Information Security at University of East London: The Benefits (and Pitfalls) of a Framework Approach
About me
» Involved in information security at UEL since 2014 – previous experience in facilities management and insurance sectors
» Not a traditional techie – background in social engineering, forensic science and risk management
» Mandate covers implementing a ‘security culture’
» Certified ISO27001 lead implementer and GDPR practitioner
The UEL information security quandary – Previously:
» Sensitive data across multiple systems with multiple owners
» No consistent information governance methodology for classification and retention
» ‘Best efforts’ approach from within IT but no formal information security strategy at vice chancellor and governor level
» No full-time post for information security
» Fragmented approach to information sharing
What is an information security framework in a UEL context?
» Embeds governance, responsibility and accountability values - protection at the front door
» A ‘one stop shop’ for information security and governance
» A mechanism to implement the CIA triad consistently across the institution
» Allows for information security to align with strategic goals
» The framework aligns with controls outlined for an ISO27001 ISMS
» Allows for a systematic approach to risk
Policy
Signposting and awareness
Procedures
Processes
Auditable evidence
Mandatory
» Data protection/GDPR
» Freedom of Information
» Copyright
» Intellectual Property
» Janet network
» Prevent
» PCI-DSS
Information security policy
Supporting policies
» Acceptable use
» Antivirus and malware
» Cloud services
» Social media
» Data retention
» Data classification
» Access management policy
Policies
» Updated to reflect evolving risk landscape, especially Prevent and GDPR
» Modeled on Janet network/UCISA policies and toolkits
» For UEL it requires backing at governor level – takes time to get through various committees
» Needs Union involvement to feed in to disciplinary process for staff breaches
» Communication and accountability across all levels is vital
Signposting and awareness
» Multiple modes of delivery (intranet, internal communications, eLearning, workshops and Lynda.com)
» Dedicated workshops tailored to business function (research, service desk, etc.)
» Dedicated intranet site aimed at highlighting good information security practices at work and at home
» Information security incorporated into risk management strategy and various sub-committees
Procedures and processes
» Covers the who, what, where, when and how
» Many procedures and processes exist as ‘business as usual’ activities – but documentation is key to improve the amount of auditable evidence
» Where processes and procedures are widely applicable they must be highly visible and people should be able to suggest improvements
» Information sharing agreements and internal audit results should be held outside the affected department – ideally by governance
Auditable evidence
» Framework allows for increased output of auditable evidence
» Several audit templates available
» ICO has published high level audit areas
» Cloud Security Alliance
» GDPR likely to impact on evidence requirements
Conclusions
» The framework is an evolving, flexible process
» Final version will include new GDPR processes, policies and procedures
» Buy-in from the vice chancellor and governor has been vital
» It’s a long road!
» There has been resistance from some business units and academics but overall positive experience
Contact details
C.Clark@uel.ac.uk
twitter.com/cogitateclark
LinkedIn: https://uk.linkedin.com/in/craig-clark-itil-cis-li-eu-gdpr-p-17480198
Survey of accountability, trust, consent, tracking, security and privacy mech...
 
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
 

Information security at University of East London: the benefits (and pitfalls) of a framework approach

  • 1. Information security at University of East London: The benefits (and pitfalls) of a framework approach
    Craig Clark - Information Security and Compliance Manager
    11/11/2016
  • 2. About me
    » Involved in information security at UEL since 2014 – previous experience in facilities management and insurance sectors
    » Not a traditional techie – background in social engineering, forensic science and risk management
    » Mandate covers implementing a ‘security culture’
    » Certified ISO27001 lead implementer and GDPR practitioner
  • 3. The UEL information security quandary – Previously:
    » Sensitive data across multiple systems with multiple owners
    » No consistent information governance methodology for classification and retention
    » ‘Best efforts’ approach from within IT but no formal information security strategy at vice chancellor and governor level
    » No full time post for information security
    » Fragmented approach to information sharing
  • 4. What is an information security framework in a UEL context?
    » Embeds governance, responsibility and accountability values - protection at the front door
    » A ‘one stop shop’ for information security and governance
    » A mechanism to implement the CIA triad consistently across the institution
    » Allows for information security to align with strategic goals
    » The framework aligns with controls outlined for an ISO27001 ISMS
    » Allows for a systematic approach to risk
  • 5. Policy / Signposting and awareness / Procedures / Processes / Auditable evidence
  • 6. Information security policy
    Mandatory
    » Data protection/GDPR
    » Freedom of Information
    » Copyright
    » Intellectual Property
    » Janet network
    » Prevent
    » PCI-DSS
    Supporting policies
    » Acceptable use
    » Antivirus and malware
    » Cloud services
    » Social media
    » Data retention
    » Data classification
    » Access management policy
  • 7. Policies
    » Updated to reflect evolving risk landscape, especially Prevent and GDPR
    » Modeled on Janet network/UCISA policies and toolkits
    » For UEL it requires backing at governor level – takes time to get through various committees
    » Needs Union involvement to feed into disciplinary process for staff breaches
    » Communication and accountability across all levels is vital
  • 8. Signposting and awareness
    » Multiple modes of delivery (intranet, internal communications, eLearning, workshops and Lynda.com)
    » Dedicated workshops tailored to business function (research, service desk etc)
    » Dedicated intranet site aimed at highlighting good information security practices at work and at home
    » Information security incorporated into risk management strategy and various sub-committees
  • 9. Procedures and processes
    » Covers the who, what, where, when and how
    » Many procedures and processes exist as ‘business as usual’ activities – but documentation is key to improve the amount of auditable evidence
    » Where processes and procedures are widely applicable they must be highly visible and people should be able to suggest improvements
    » Information sharing agreements and internal audit results should be held outside the affected department – ideally by governance
  • 10. Auditable evidence
    » Framework allows for increased output of auditable evidence
    » Several audit templates available
    » ICO has published high level audit areas
    » Cloud Security Alliance
    » GDPR likely to impact on evidence requirements
  • 11. Conclusions
    » The framework is an evolving, flexible process
    » Final version will include new GDPR processes, policies and procedures
    » Buy-in from the vice chancellor and governor has been vital
    » It’s a long road!
    » There has been resistance from some business units and academics but overall positive experience