https://library.educause.edu/topics/cybersecurity/security-architecture-and-designen{0392F002-E765-4CA6-977D-06F4AA625629}https://library.educause.edu/resources/2022/9/nist-sp-800-171-overviewThis overview provides a review of the timeline that introduced NIST SP 800-171 "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations" as a compliance framework, an overview of the control families for the 110 controls and a discussion of the impacts and concerns for higher education.Wed, 14 Sep 2022 16:00:01 Z{611457BC-A06A-4447-974E-2714FF000FD8}https://library.educause.edu/resources/2022/9/nist-sp-800-171-toolkitIn this toolkit, you will find an overview of NIST SP 800-171 and its implications for higher education, questions to ask during project planning, 7 Things You Should Know About CMMC to use when speaking with stakeholders and leadership, and a customizable control evaluation.Wed, 14 Sep 2022 16:00:01 Z{30E76C51-2E8F-4D9C-85DF-82611FBDA45D}https://library.educause.edu/resources/2021/11/arctic-ews-research-paperThis is a joint research project of Arctic Security and EDUCAUSE, The goal was to establish the utility of external cybersecurity monitoring for higher education, and to identify services that could be made easily accessible and boost the cyber defenses of the association’s members. Mon, 08 Nov 2021 19:07:53 Z{CBA8A923-400A-494B-A526-4122A4CF58BE}https://library.educause.edu/resources/2021/5/7-things-you-should-know-about-endpoint-detection-and-responseEndpoint detection and response (EDR) is the process of monitoring endpoint activity in real time, looking for digital threats and implementing measures to halt and remediate those threats. Tue, 25 May 2021 16:55:56 Z{573E2118-CFFA-4728-9554-64F12C5CC75A}https://library.educause.edu/resources/2021/2/2021-educause-horizon-report-information-security-editionThe 2021 EDUCAUSE Horizon Report profiles key trends and emerging technologies and practices shaping the future of information security, and envisions a number of scenarios and implications for that future.Wed, 05 Jul 2023 16:33:24 Z{76112D0C-C230-4FE7-A5AA-0F3B5DF3D870}https://library.educause.edu/resources/2020/8/higher-education-research-cybersecurity-and-cmmc-complianceThis brief, a joint effort on the part of EDUCAUSE and PreVeil, was written to clarify the Department of Defense’s (DoD) new Cybersecurity Maturity Model Certification (CMMC) framework and to guide your institution on its journey to CMMC compliance.Fri, 07 Aug 2020 16:03:53 Z{7EBE5F17-A026-409C-B1D3-90B0FFC21F34}https://library.educause.edu/resources/2015/11/information-security-program-assessment-toolThis self-assessment tool was created to evaluate the maturity of higher education information security programs using as a framework the International Organization for Standardization (ISO) 27002:2013 "Information Technology Security Techniques.Tue, 22 Dec 2015 17:38:04 Z{FDCBA6CF-B935-4255-A12F-51370A214F58}https://library.educause.edu/resources/2008/5/cybersecurity-research-challengesTue, 22 Dec 2015 17:17:35 Z{8F268835-F9D9-439B-9900-5E4CD3F22AE6}https://library.educause.edu/resources/2008/5/newspeak-a-paradigm-for-architectural-securityTue, 22 Dec 2015 17:18:23 Z{0C122AD3-DD24-4C0C-8686-F36D6760C97B}https://library.educause.edu/resources/2008/2/web-applications-development-approachesTue, 22 Dec 2015 17:19:13 Z{E1ADCF42-3574-4033-A8E7-98BC16F89289}https://library.educause.edu/resources/2007/1/open-vs-closedTue, 22 Dec 2015 17:15:00 Z{E3382C87-D8AF-453B-BFBC-1C3EB3A4C567}https://library.educause.edu/resources/2006/3/making-business-sense-of-information-security A well-managed security program starts at the top and must provide strong governance, business risk management, auditing, and control processes.Tue, 22 Dec 2015 17:10:38 Z{D0DF59E7-BA53-42D7-A7ED-49F7963D9B57}https://library.educause.edu/resources/2006/2/reconnections-managing-academic-networks-with-new-requirementsTue, 22 Dec 2015 17:11:06 Z{D7A02FB0-7256-41C2-8E0A-E63F31563205}https://library.educause.edu/resources/2006/1/national-infrastructure-protection-plan-nippPursuant to Homeland Security Presidential Directive (HSPD)-7, this National Infrastructure Protection Plan describes a comprehensive, integrated Federal plan for critical infrastructure and key resources protection, and designates specific Federal departments and agencies as Sector-Specific Agencies SSAs) responsible for protection activities in 17 specific critical infrastructure and key resource sectors.Tue, 22 Dec 2015 17:10:43 Z{66E1C2EF-5887-42E2-A8CB-63B9EE1BAF75}https://library.educause.edu/resources/2005/12/building-more-secure-information-systemsTue, 22 Dec 2015 17:05:19 Z{882BB5EA-61C6-4C4F-A336-C85C7B59EBBA}https://library.educause.edu/resources/2005/5/firewalls-vpns-and-intrusion-detection-systems-in-a-university-environmentTue, 22 Dec 2015 17:06:00 Z{9E222913-95E6-4CDA-8ADF-B525F5E90C05}https://library.educause.edu/resources/2005/1/gartner-microsoft-missed-opportunity-in-securityTue, 22 Dec 2015 17:06:03 Z{A27AC67E-377B-4749-9156-9431751B47CA}https://library.educause.edu/resources/2005/1/enterprise-security-architectureTue, 22 Dec 2015 17:05:51 Z{5F458840-748F-4EBA-8E7C-9C1B420B141F}https://library.educause.edu/resources/2004/1/protecting-our-nations-cyber-space-educational-awareness-for-the-cyber-citizenSo, why aren't cyber citizens patching their systems, installing firewalls and keeping their anti-virus programs up to date? What are the best tools available to increase our cyber protection? This hearing will examine the current public and private initiatives underway to educate home users and small business on basic cyber security.Tue, 22 Dec 2015 17:03:27 Z{A929A5C2-1BDD-41E1-9E56-3FA93165ACA6}https://library.educause.edu/resources/2004/1/risk-perception-and-trusted-computer-systems-is-open-source-software-really-more-secure-than-proprietary-softwareTue, 22 Dec 2015 17:03:35 Z