Mason and Educause Produce Computer Security Video

Posted: August 11, 2005 at 1:00 am, Last Updated: November 30, -0001 at 12:00 am

By Kurt Ankeny-Beauchamp

“Okay, President Merten, one morning you get a call that no president wants to get—a server containing confidential data has been hacked. What happened next?” At this prompt from Frank Sesno, professor of public policy and communication and CNN special correspondent, President Alan Merten launches into an account of George Mason’s hacker troubles earlier this year.

The exchange was taped in GMU-TV’s production studio in Innovation Hall for a video produced by Sesno and sponsored by Mason’s Critical Infrastructure Protection Program and Educause, a consortium of 1,900 higher education institutions that promotes the safe use of information technology on college campuses.

With Sesno as moderator, Merten and Mason CIO Joy Hughes, along with Freeman Hrabowski, president of the University of Maryland Baltimore County (UMBC), and Jack Suess, UMBC CIO, were participating in a discussion about security attacks on their campuses and strategies they have implemented to make computer systems and confidential data more secure.

This was a serious discussion, and for good reason: there is a lot at stake for higher education. How can an institution dedicated to the open exchange of knowledge and ideas remain cyber-secure? College campuses are home to computers storing Social Security numbers, credit card numbers, research data about national security or bioterrorism, health information, and other sensitive data. All can be vulnerable to exposure and exploitation.

High-profile security breach incidents have put the spotlight on security on campuses nationwide, and the video is designed to trigger dialogue between IT leadership, institution presidents, and governing board members about the responsibilities of the institution and the steps that can be taken to reduce data vulnerability.

The video premiered at the Educause Seminar on Academic Computing held in Colorado this week, and was “very well received,” according to Hughes, who attended. The video will be shown around the country at various gatherings for presidents, governing board members, CIOs, and other university professionals. It will also be distributed in hardcopy and via web-streaming by Educause to facilitate discussion outside the conference circuit.

“This is all about changing the locus of responsibility,” Hughes notes. “In the past, IT security has been considered the domain of the central IT department, even though almost all incidents occur on computers not under the control of the IT department. We must change the culture so that everyone thinks of information security as a part of their job, and the leadership of the institution holds them accountable.”

Write to at