Introduction to EUNIS, the InfoSec workshop and its participants.
Introduction by the host Victoriano Giralt, CIO of University of Malaga. Situation of Spanish universities regarding information security.
In his keynote Dr. Gaute Wangen will discuss key issues in risk managing cybersecurity at the modern university.
As part of the "Digital Campus Bavaria" program, a cross-university advisory service on information security issues for all state universities and colleges in Bavaria was established at the computer center of the Augsburg University of Applied Sciences. This is financed by the Free State of Bavaria. Tasks are Information Security Inventory at Bavaria's universities, taking into account the...
After the merge of three IT service organizations, Unit - the Norwegian Directorate for ICT and Joint Services in Higher Education and Research was born. Unit are currently working to implement the national ISMS. We will share some experiences and lesson learned on our road to towards the finished implementation.
Talk focuses on GDPR in the everyday life of higher education insitutions in Norway. Achievements and challanges in 2019, as well as recommendations for the year 2020.
Art. 7 GDPR describes conditions for consent. Recital 43 describes especially the Freely Given Consent. Many IT systems have a problem with forced consent during registration that can be avoided.
Sikresiden.no (on the safe side in English) is a web page used by a lot of different insitutions in Norway which offers training and guidance on what to do in emergency situations.
Discussion on differences, benefits, solutions to challenges.
Conclusion to first day and looking at dinner and second day.
Reflection on first day and introduction to second day with practical IT security topics.
Information and services offered by the Open CSIRT Foundation (OCF). Introduction to Security Incident Management Maturity Model (SIM3) and its new online tool.
Wouldn't it be great if management would have an automated checking mechanism to determine if a service is ready to go operational? A tool that checks if the new system or service has performed risk assessment, has a data processing agreement, performed successful penetration test et cetera. We have made such an API and we are now testing it, aiming for taking it in production in January 2020....
Presentation on how vulnerability management is organized and implemented with OpenVAS at University of Münster. Which prerequisites are required? What are the results?
DFN-CERT is the computer emergency response team of German NREN DFN. Presentation of the IT security related services offered by DFN-CERT for its constituents.
Three live demos that show how a hacker can compromise a PC when having physical access to it. Get ready for some live hacking.
Preperation and mitigation of Emotet threat.
Further discussion in groups of 5-7 on the most pressing challenges that came up so far.
Discussion feedback and results
Conclusion and wrap up. Publication of workshop results. Next meeting as pre-congress workshop at annual EUNIS conference in Helsinki (June, 08.-12.2020).