In the modern IT security landscape, universities are a key battle ground for both attackers and defenders. In recent years, attacks against university IT infrastructure have grown and so too has the need for more skilled professionals who understand how to defend against attack.
Marisa Viveros, a 22-year IBM veteran and Big Blue's VP of Cyber Security Innovation, is focused on engaging with higher education institutions as an ambassador and an evangelist on the topic of security.
University IT infrastructure requires an especially tough balance between open access and security. "It's the balance between making sure that everyone can bring their mobile device and do cloud computing, while security is in place," Viveros said.
Part of her mission, Viveros said, is to make sure computer science students know how to build in security as part of application development. There is a lot of work going on in universities today in research efforts to help extend the ability of defenders to protect networks, she said. Some of the Universities that IBM works with have built their own honeypots to learn about hacker activities.
Even as universities are striving to keep their networks open, there has been a shift in the security management landscape. While universities are increasingly being targeted by hackers, Viveros said that historically those organizations have not considered themselves to be targets. That situation is now changing.
"I see a lot of universities bringing in people like retired military personnel that have been in charge of cyber security in government," Viveros said. "Those types of people are being brought in to become the CISO (chief information security officer)."
Viveros noted that three years ago she saw few universities with a CISO, but that's not the case in 2014. Today nearly every university that she works with has a CISO and strong security leadership in place.
Given their large surface, university networks are also attractive targets to become botnets from which hackers launch attacks against other organizations.
"There is a combination of students hacking university systems as well as external hackers trying to look at personal information," Viveros said. "Universities hold a lot of critical information which is also a risk."
Viveros said that only a few educational institutions were breached in 2011, but the numbers grew in 2012 and 2013 and the trend is continuing in 2014. "It has been increasing and I see more malware, but I don't see denial of service attacks," she said.
Hands-on Security Education
From a technology perspective, Viveros sees universities increasingly investing in SIEM (security information and event management) technologies in order to get a view into what is going on in their infrastructures. Many universities are also opening up their security operations so students can get hands-on experience helping manage the network.
"We're doing some interesting projects with universities where they are setting up their own security operations centers," Viveros said. "They are augmenting personnel with students in both undergraduate and masters degree programs."
Viveros said there is a need for cyber intelligence professionals who understand security controls and are also able to perform proper security event analysis.
"We need to have more people that are knowledgeable in how to use security and Big Data tools," Viveros said.
Sean Michael Kerner is a senior editor at eSecurity Planet and InternetNews.com. Follow him on Twitter @TechJournalist.