The Government has launched a new partnership between government and
industry to share information and intelligence on cyber security
threats. The Cyber Security Information Sharing Partnership (CISP) is
part of the UK’s cyber security strategy, established to help make UK
businesses more secure in cyberspace. The partnership is being supported
by the Security Service, GCHQ and the National Crime Agency, who will
work with industry analysts to produce and disseminate information on
cyber threats facing the UK. It complements the work being carried out
by the National Cyber Crime Unit, which tackles the most serious,
organised and complex forms of cyber crime.
The Cyber Security Information Sharing Partnership (CISP)
delivers a key component of the UK’s cyber security strategy in
facilitating the sharing of information on cyber threats in order to
make UK businesses more secure in cyberspace. This follows a successful
pilot scheme launched by the Prime Minister which included over 160
companies across a range of UK sectors.
At a UUK Round Table meeting today universities were invited to apply to be members of CISP.
Thursday, 19 September 2013
Wednesday, 11 September 2013
Presentation to be given at EDUCAUSE annual conference on 'IT Risk Assessment'
Princeton and Oxford will be giving a presentation entitled: "IT Risk Assessment: Two Universities Share Their Methodologies" at the EDUCAUSE Conference on October 16th. If anyone attends, either in-person or online, please submit comments.
Interesting quote from 2013 Information Security Breaches Survey
David Willetts introduced the Survey at the InfoSec Europe 2013 conference, which contains an interesting quote, “93% of companies where the security policy was poorly understood had staff-related breaches versus 47% where the policy was well understood”.
This statistic is widely used to support IS awareness campaigns, but it begs a question. How do you ensure security policy is well understood? Especially in a devolved organisation like the University of Oxford?
This statistic is widely used to support IS awareness campaigns, but it begs a question. How do you ensure security policy is well understood? Especially in a devolved organisation like the University of Oxford?
IT Risk Management Exercise
EDUCAUSE has published an article, "IT Risk Management: Try This Exercise at Your Institution" to help institutions manage IT risk threat and IT risk opportunity more effectively. It is based on experiences at Princeton and Oxford.
I would be interested in comments...
I would be interested in comments...
Subscribe to:
Posts (Atom)
