Contenu connexe

Similaire à ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx(20)

Plus de Matthew Ragucci(18)



ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx

  1. Tuesday, March 7, 2023 2:45 PM CST Invisible Threat: Cybercrime and the Library David W. Green Library Systems Analyst, State Library of Ohio Don Hamparian Senior Product Manager, OCLC Matthew Ragucci Associate Director of Product Marketing, Wiley Stacey Best-Ruel Director of Marketing, Springer Nature
  2. Stacey Best-Ruel Introductions & Agenda Director of Marketing, Key Accounts, Americas
  3. Wiley Green External 2021-10.potx 3 ◊ Introductions ◊ OCLC perspective ◊ Library perspective ◊ Publisher perspective ◊ Questions Agenda
  4. Wiley Green External 2021-10.potx 4 Cybercrime Bresnick, Peggy. ”4 Reasons Cyber Criminals Are Targeting Higher Education” Fierce Education. March 8, 2021. D’Agostino, Susan.”Ransomware Attacks Against Higher Education” Inside Higher Ed. July 22, 2022. U.S. Department of Health and Human Services Office for Civil rights. “Cases Currently Under Investigation” Continuous update. Accessed on February 21, 2023 Known Higher Ed and Library Cyber Attacks Population Higher Education has a huge base of users, more opportunity for phishing emails Data Higher Ed institutions hold a huge amount of data on both current and past students, faculty, and vendors. Getting in equals a gold mine. Espionage Research conducted at Higher Ed Institutions is immensely valuable, especially medical and engineering research. Easy targets Crippling a college or university with potentially thousands of users pressures the institutions into fast, expensive solutions. It’s estimated that 75% of Higher Ed cyber attacks succeed. Why hackers target colleges and universities? * Paid $1.14 million *
  5. Don Hamparian OCLC Perspectives on Cybersecurity Senior Product Manager
  6. Why library cybersecurity matters Remote access to services Library technical infrastructure Information and digital literacy Privacy
  7. Libraries as security advocates Libraries have the Relationships to Protect: ✔ Patron privacy ✔ Institution assets and reputation ✔ Publisher assets
  8. Personal email accounts Personal financial information University research Department budgets Confidential information about personnel Licensed e-content What stolen credentials can access Social Media
  9. Mitigate these risks and protect patrons Password policies & multifactor Systems management & IT relationship EZproxy & Server Configuration IT and vendor policies Security education
  10. Attack vectors – EZproxy and other e-content access services EZproxy is popular making it an attack target; hosting provides additional protections Password guessing and stealing happen around malicious usage of valid accounts via smishing/ phishing Configuration attacks - Review Configuration, Logs, Intrusion Alerts, Security Rules Denial of service – Having a hardened network layer provides additional protections
  11. Four EZproxy Configuration Tips Intrusion API Log or deny logins potentially malicious IP addresses Security Rules Real-time detection and notification of security events Pseudonymous Identifier Reduce IP blocks by publishers ; find compromised user credentials Login Intrusion Detection (User and IP) Log and Enforce intrusion detection and apply evasion periods
  12. Pseudonymous Identifier Feedback Loop ● Publisher detects unauthorized user with ID​ ● Publisher contacts library and shares ID​ ● Library uses ID to identify compromised credentials​ ● Library implements security protocols​
  13. David W. Green Library perspective Library Systems Analyst
  14. Wiley Green External 2021-10.potx 14 Shared Responsibility Collaboration is Key • Not an IT problem • Attacks not unique to IT • …or to Fortune 500 companies • We’re vulnerable Worst thing to do is do nothing
  15. Wiley Green External 2021-10.potx 15 Engagement Connections • Seek conference and workshop opportunities • EDUCAUSE • SNSI Upcoming Events What we’re doing • OPLIN, SEO, OhioLINK • Online webinars • Cybersecurity Conference
  16. Wiley Green External 2021-10.potx 16 Awareness Campaign for Information Security • Consider patrons, faculty, yourself • Connect with IT for potential collaboration What we’re doing • Open Office Hours • Cybersecurity Awareness Month • Weekly Cyber Security Briefs • CISA
  17. Wiley Green External 2021-10.potx 17 Mature Security Practices Authentication • Modern authentication • SAML / OpenID Connect What we’re doing • EZproxy • OHID (State of Ohio’s SSO) • Moving away from barcodes (TODO)
  18. Wiley Green External 2021-10.potx 18 Mature Security Practices Passwords • Password managers • Complex • Unique What we’re doing • No more Post-It Notes! • Password Manager for all staff • Multi-Factor Authentication app
  19. Wiley Green External 2021-10.potx 19 Mature Security Practices
  20. Wiley Green External 2021-10.potx 20 Mature Security Practices Other things • Security Hygiene • SSL everywhere • Backup (and restore!) • Electronic resources • PaaS/SaaS What we’re doing • Let’s Encrypt • haveibeenpwned • “Tested” our backup… • Static websites
  21. Wiley Green External 2021-10.potx 21 Have a Plan Incident Response… Cyber Attack… Business Continuity… Cybersecurity… Communications…
  22. Matthew Ragucci Associate Director, B2B Product Marketing Publisher Perspectives on Cybersecurity
  23. Wiley Green External 2021-10.potx 23 Content Protection & Privacy Security is a multi-stakeholder concern • Striking a balance • We can have both privacy and protection Abuse monitoring systems • Robust and effective • Protects content and institutions Obligations to protect user & institutional data Regulation compliance
  24. Wiley Green External 2021-10.potx 24 Institutional Scenarios Compromised credentials Disruptive IP blocks False/inflated usage data in COUNTER reports Ransomware attacks Going offline and diminished usage
  25. Wiley Green External 2021-10.potx 25 Protect user privacy and against disruption: ✔ EZproxy Pseudonymous Identifier SAML-based authentication: ✔ Federations ✔ Shibboleth ✔ OpenAthens Cross-industry, friction reduction initiatives: ✔ GetFTR ✔ Seamless Access ✔ Content Syndication Potential Solutions
  26. Wiley Green External 2021-10.potx 26 About the Scholarly Networks Security Initiative ▪ The Scholarly Networks Security Initiative (SNSI) brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data. ▪ Members include large and small publishers, learned societies and university presses, libraries and others involved in scholarly communications. ACADEMIC IT SECURITY LIBRARY RESEARCH PUBLISHING
  27. Wiley Green External 2021-10.potx 27 SNSI tips for academic librarians on building strong information security defenses at your institution
  29. Questions? Ask the panelists
  30. Thank You!