Thursday, 16 April 2015

World's Biggest Data Breaches - terrific graphic

There is a terrific new Information is Beautiful interactive that presents the World's Biggest Data Breaches. It is produced by the data visualiser David McCandless.   It taxonomises the biggest data breaches, by year, by 'number of records stolen' or 'data sensitivity', and also by 'method of leak' (giving very interesting results). It can also show results by 'Organisation' type - how do you think 'Education' fares?

Tuesday, 31 March 2015

Universities need to plug into threat of cyber-attacks

An interesting article that states, "Desirable research plus students’ personal and financial details make universities a juicy target for cyber-criminals. But are they doing anything about it?"

In my opinion the following quote is the best part of the article, "Like so many challenges raised by the internet, cybersecurity is less a finite goal than a process – and one of risk management rather than risk removal."

Tuesday, 17 March 2015

UCISA Information Security Management Toolkit

A UCISA Information Security Management Toolkit, that some of us developed, has just been published.

The Toolkit will:
  • assist those who have responsibility for implementing information security across the organisation by providing advice and guidance to them;
  • help them to provide senior university management with an understanding of why information security is an important, organisation-wide issue. 
It is intended as a practical resource, providing an overview of the key aspects of a successful ISMS and guidance on how to implement them. It also includes case studies, as well as templates and example resources which organisations can tailor to suit their needs.

Cyberweapons Have No Allegiance

An interesting article from Bruce Schneier.   Here is an extract:

"But here's the problem: technological capabilities cannot distinguish based on morality, nationality, or legality; if the US government is able to use a backdoor in a communications system to spy on its enemies, the Chinese government can use the same backdoor to spy on its dissidents.

Even worse, modern computer technology is inherently democratizing. Today's NSA secrets become tomorrow's PhD theses and the next day's hacker tools. As long as we're all using the same computers, phones, social networking platforms, and computer networks, a vulnerability that allows us to spy also allows us to be spied upon.

We can't choose a world where the US gets to spy but China doesn't, or even a world where governments get to spy and criminals don't. We need to choose, as a matter of policy, communications systems that are secure for all users, or ones that are vulnerable to all attackers. It's security or surveillance."

It relates to many press articles on surveillance over the last week.

Defining the Strategic Leader

EDUCAUSE and Jisc formed a Task Force to address the issue -  Technology in Higher Education: Defining the Strategic Leader

The Task Force found a number of recurring themes including: 'The CIO Position is Fragmenting" and "Transitioning from an Operational Focus to a Strategic One".   It goes on to articulate a Model for IT Leadership with three primary roles: 'Trusted Advisor', 'Visionary' and 'Relationship Builder'.

It states that there are three key aspects to the role: 'Understand the Organisation', 'Provide Information Systems and Technology Leadership', and 'Bringing Transformation to Life'.

Interestingly,  the conclusions reached were relevant to both the United States and the United Kingdon.

Wednesday, 21 January 2015

Top Ten IT Issues for 2015

Each year EDUCAUSE / ECAR produces a set of Top 10 IT Issues. A preview was seen at the EDUCAUSE conference in October 2014 (see earlier blog entry).
The latest EDUCAUSE Review (the 50th) is devoted to the issue, and certainly worth reading.
The item titled, "Ten Reasons to Tackle the Top 10 IT Issues" is particular interesting. For example:
  • Administrative systems can improve not just operations but also institutional competitiveness
  • We are building tomorrow's infrastructure today
  • Information technology is about people
"An Administrative IT Perspective on the Top 10 IT Issues"  gives another angle on the results. It selects three of the EDUCAUSE Top 10 IT Issues for 2015 as a useful lens for viewing administrative IT programs at higher education institutions. Taken together, these three issues can serve as a roadmap for administrative IT strategy:
  • Issue #3: Developing IT Funding Models That Sustain Core Service, Support Innovation, and Facilitate Growth
  • Issue #9: Developing an Enterprise IT Architecture That Can Respond to Changing Conditions and New Opportunities
  • Issue #5: Demonstrating the Business Value of Information Technology and How the IT Organization Can Help the Institution Achieve Its Goals

Friday, 19 December 2014

Cryptoy from GCHQ

The Cryptoy app was designed by Science, Technology, Engineering and Maths (STEM) students on an industrial placement at GCHQ. It was created as part of a project to demonstrate encryption techniques at the Cheltenham Science Festival, and has since been demonstrated at other educational events.

Download from: