Educause Security Professionals Conference – Proposal Accepted

virtual

I am excited to share that I will be presenting at the 2015 Educause Security Professionals Conference by means of an online-only session.  It will take place on May 5th from 9:15-10:15 AM.  Although I am not a complete stranger to public speaking, this will be my first presentation at Educause and my very first online presentation.  It should be an adventure!

Title:  Good Enough Security: When is it good enough?

Session Abstract:  While many security professionals focus on “best” practices, in many cases “good enough” security would suffice for deflecting the majority of threats.  In an effort to maintain a balanced viewpoint and avoid becoming myopic regarding security requirements, it is important that we come to terms with what level of security is “good enough” within the culture of higher education.  Join us for an interactive, spirited and subjective discussion regarding what level of security is “good enough” in areas such as password complexity and change requirements, network architecture, endpoint security, and many other specific scenarios.

Session Participant Engagement Strategies:  After a brief discussion surrounding the selfish herd principal and why risk based “good enough” security should not be discounted, I will present various multiple choice examples and scenarios.  Each participant will vote on what option they feel is “good enough” by means of live polling via the internet.  After voting is completed, I will offer my own perspective / experience and then go through each choice one by one.  As time allows, advocates for each option will have the opportunity to justify their choice and others will have the opportunity to express why they disagree.  The intention is to stimulate a meaningful discussion and help participants reach a reasonable viewpoint regarding what configurations, standards and designs are likely “good enough.”

What do you think of the session topic?  Do you have any ideas regarding what I should cover during this session?  Any strong opinions regarding what is “good enough security” in the environments you support or work in?  Are there security measures you have encountered that seem unnecessary or overkill? 

Share your thoughts in the comments below and don’t forget to subscribe!

3 thoughts on “Educause Security Professionals Conference – Proposal Accepted

  1. This looks a great session … I am planning to attend virtually. I really like the real world focus on “good enough.” Too many times we spend too much time trying to get to a perfect state and that just isn’t reality for many institutions. I love making progress on things that reduce our threat profile. Good stuff! Congrats!

  2. replica rolex, la prima risalente addirittura al 1926, è stata la prima vera La cassa resistente all’acqua era sinonimo di orologeria, che arrivò molto più tardi e stabilì il rivoluzionario meccanismo del rotore che diede inizio alla moderna dinastia a carica automatica.

Leave a Reply

Your email address will not be published. Required fields are marked *