Tuesday, 31 March 2015
In my opinion the following quote is the best part of the article, "Like so many challenges raised by the internet, cybersecurity is less a finite goal than a process – and one of risk management rather than risk removal."
Tuesday, 17 March 2015
UCISA Information Security Management ToolkitA UCISA Information Security Management Toolkit, that some of us developed, has just been published.
The Toolkit will:
- assist those who have responsibility for implementing information security across the organisation by providing advice and guidance to them;
- help them to provide senior university management with an understanding of why information security is an important, organisation-wide issue.
"But here's the problem: technological capabilities cannot distinguish based on morality, nationality, or legality; if the US government is able to use a backdoor in a communications system to spy on its enemies, the Chinese government can use the same backdoor to spy on its dissidents.
Even worse, modern computer technology is inherently democratizing. Today's NSA secrets become tomorrow's PhD theses and the next day's hacker tools. As long as we're all using the same computers, phones, social networking platforms, and computer networks, a vulnerability that allows us to spy also allows us to be spied upon.
We can't choose a world where the US gets to spy but China doesn't, or even a world where governments get to spy and criminals don't. We need to choose, as a matter of policy, communications systems that are secure for all users, or ones that are vulnerable to all attackers. It's security or surveillance."
It relates to many press articles on surveillance over the last week.
Defining the Strategic LeaderEDUCAUSE and Jisc formed a Task Force to address the issue - Technology in Higher Education: Defining the Strategic Leader.
The Task Force found a number of recurring themes including: 'The CIO Position is Fragmenting" and "Transitioning from an Operational Focus to a Strategic One". It goes on to articulate a Model for IT Leadership with three primary roles: 'Trusted Advisor', 'Visionary' and 'Relationship Builder'.
It states that there are three key aspects to the role: 'Understand the Organisation', 'Provide Information Systems and Technology Leadership', and 'Bringing Transformation to Life'.
Interestingly, the conclusions reached were relevant to both the United States and the United Kingdon.
Wednesday, 21 January 2015
Top Ten IT Issues for 2015
Each year EDUCAUSE / ECAR produces a set of Top 10 IT Issues. A preview was seen at the EDUCAUSE conference in October 2014 (see earlier blog entry).
The latest EDUCAUSE Review (the 50th) is devoted to the issue, and certainly worth reading.
The item titled, "Ten Reasons to Tackle the Top 10 IT Issues" is particular interesting. For example:
- Administrative systems can improve not just operations but also institutional competitiveness
- We are building tomorrow's infrastructure today
- Information technology is about people
"An Administrative IT Perspective on the Top 10 IT Issues" gives another angle on the results. It selects three of the EDUCAUSE Top 10 IT Issues for 2015 as a useful lens for viewing administrative IT programs at higher education institutions. Taken together, these three issues can serve as a roadmap for administrative IT strategy:
- Issue #3: Developing IT Funding Models That Sustain Core Service, Support Innovation, and Facilitate Growth
- Issue #9: Developing an Enterprise IT Architecture That Can Respond to Changing Conditions and New Opportunities
- Issue #5: Demonstrating the Business Value of Information Technology and How the IT Organization Can Help the Institution Achieve Its Goals
Friday, 19 December 2014
Cryptoy from GCHQ
The Cryptoy app was designed by Science, Technology, Engineering and Maths (STEM) students on an industrial placement at GCHQ. It was created as part of a project to demonstrate encryption techniques at the Cheltenham Science Festival, and has since been demonstrated at other educational events.