Last month I attended my first Campus Technology conference, in Boston. I think it's fair to say that while computer security was not the focus, it certainly was prevalent and appreciated by attendees. In fact, CIO ranked the cybersecurity topics and panels as one of the “6 Best Things” at Campus Tech. To demonstrate this further, the closing Keynote was from William Perry on “The How, Why and What of Cyber Security,” which presented just about as comprehensive a high-level view as possible in a 50-minute slot.
Let’s not forget about the other whizbang things discussed at Campus Tech, like MOOCs, ePortfolios, and this new thing I've heard of called "Social Media" and how it might be used in a college setting to help new students get acclimated, provide timely info about campus events, and all sorts of other things too advanced for old fossils like me to fathom. Fair enough: computer security has been around since at least the 1980s, so it's hardly the "hot new topic." However, based on the questions that were asked at the ESET booth, it seems that – while perhaps not whizbang – the attention was on Disk Encryption and Two-Factor Authentication (2FA). That's a Good Thing, since these are both very important and, though security experts have been recommending their use for quite some time, are relatively new on the radar of some customers.
Given the focus, I ended up attending some sessions that just seemed interesting, though there was no security hook. For me, the best of these was MIT Captures Lectures with Multiple Cameras and No Staff -- way cool: self-contained cameras and computers that are able to track professors pacing back-and-forth – and rest assured, profs have mastered the art of pacing back and forth!
There were two highlights of the conference for me. The first, no surprise, was Reevaluating Cybersecurity in Higher Education, a lively panel discussion with audience Q&A, featuring Christian Hamer, CISO, Harvard University, and our own Lysa Myers. Topics included encryption and 2FA (of course!), but also ranged from defense in depth to BYOD to compliance and regulations to IT "not being the Dept. of 'No'" to the importance of non-technical protection by "Securing The Human" via ongoing education. Some of Christian's thought-provoking comments on these and other topics from the panel discussion are here. There is more from Christian, Lysa, and others on various security topics in this short video:
The second highlight was an unexpected one. All the luncheon tables had signs on them for various topics – the "Roundtable Networking Lunch in the Exhibit Hall." I figured this would be where people would find an open spot at any table and discuss anything but the supposed topic, but I dutifully wandered through the sea of tables until I found one for "Endpoint Security." Fortunately, there was an open seat, so I started to dine. To my surprise, the gentleman seated next to me asked "What's the greatest threat out there today?", which led to a lively discussion of file encrypting malware, the importance of offline backups, and a possible business opportunity for his company (in effect an ISP for Higher Ed, among other things). Indeed, this conversation will almost surely lead to a future article from me on WeLiveSecurity – watch this space!