Tim Lane (SCU) and Ashley Deuble (Griffith) attended the EDUCAUSE Cybersecurity conference in Denver recently. With approximately 600 attendees, mainly represented from the USA and Canada, the conference included a wide variety of higher education specific sessions on cybersecurity. A key finding from several of the larger universities was the push from many institution’s Executive to introduce Multi Factor Authentication for accessing IT systems. This has been driven by extensive and damaging attacks arising from phishing campaigns, highlighting a clear cost benefit analysis for MFA. A case in point was Indiana University who successfully introduced in a relatively short time MFA using ‘duo’ across almost every IT system for all 114 000 students, staff and faculty.
The conference also provided the opportunity for further discussions with the USA based REN-ISAC staff, and a 20% discount on membership has been negotiated for institutions who want to join REN-ISAC under an aggregated invoicing arrangement. Currently SCU and Griffith are the Australian representative members of REN-ISAC, and NZ has five universities joined. REN-ISAC is open to five eyes countries (The "Five Eyes" (FVEY) refer to an alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States) and there are approximately 700 USA and Canadian based member institutions, with nearly 2000 individual members who are sharing information and collaborating on cyber related issues. This represents an extremely rich forum for information and threat intelligence exchange.