ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx

ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx
Tuesday, March 7, 2023 2:45 PM CST Invisible Threat: Cybercrime and the Library David W. Green Library Systems Analyst, State Library of Ohio Don Hamparian Senior Product Manager, OCLC Matthew Ragucci Associate Director of Product Marketing, Wiley Stacey Best-Ruel Director of Marketing, Springer Nature https://unsplash.com/photos/MQlVnTc4OBg
Stacey Best-Ruel Introductions & Agenda Director of Marketing, Key Accounts, Americas
Wiley Green External 2021-10.potx 3 ◊ Introductions ◊ OCLC perspective ◊ Library perspective ◊ Publisher perspective ◊ Questions Agenda https://unsplash.com/photos/ocJPz_-RA9w
Wiley Green External 2021-10.potx 4 Cybercrime Bresnick, Peggy. ”4 Reasons Cyber Criminals Are Targeting Higher Education” Fierce Education. March 8, 2021. https://www.fierceeducation.com/best-practices/4-reasons-cyber-criminals-are-targeting-higher-education-part-1 D’Agostino, Susan.”Ransomware Attacks Against Higher Education” Inside Higher Ed. July 22, 2022. https://www.insidehighered.com/news/2022/07/22/ransomware-attacks-against-higher-ed-increase. U.S. Department of Health and Human Services Office for Civil rights. “Cases Currently Under Investigation” Continuous update. Accessed on February 21, 2023 Known Higher Ed and Library Cyber Attacks Population Higher Education has a huge base of users, more opportunity for phishing emails Data Higher Ed institutions hold a huge amount of data on both current and past students, faculty, and vendors. Getting in equals a gold mine. Espionage Research conducted at Higher Ed Institutions is immensely valuable, especially medical and engineering research. Easy targets Crippling a college or university with potentially thousands of users pressures the institutions into fast, expensive solutions. It’s estimated that 75% of Higher Ed cyber attacks succeed. Why hackers target colleges and universities? * Paid $1.14 million *
Don Hamparian OCLC Perspectives on Cybersecurity Senior Product Manager
Why library cybersecurity matters Remote access to services Library technical infrastructure Information and digital literacy Privacy
Libraries as security advocates Libraries have the Relationships to Protect: ✔ Patron privacy ✔ Institution assets and reputation ✔ Publisher assets
Personal email accounts Personal financial information University research Department budgets Confidential information about personnel Licensed e-content What stolen credentials can access Social Media
Mitigate these risks and protect patrons Password policies & multifactor Systems management & IT relationship EZproxy & Server Configuration IT and vendor policies Security education
Attack vectors – EZproxy and other e-content access services EZproxy is popular making it an attack target; hosting provides additional protections Password guessing and stealing happen around malicious usage of valid accounts via smishing/ phishing Configuration attacks - Review Configuration, Logs, Intrusion Alerts, Security Rules Denial of service – Having a hardened network layer provides additional protections
Four EZproxy Configuration Tips Intrusion API Log or deny logins potentially malicious IP addresses Security Rules Real-time detection and notification of security events Pseudonymous Identifier Reduce IP blocks by publishers ; find compromised user credentials Login Intrusion Detection (User and IP) Log and Enforce intrusion detection and apply evasion periods
Pseudonymous Identifier Feedback Loop ● Publisher detects unauthorized user with ID ● Publisher contacts library and shares ID ● Library uses ID to identify compromised credentials ● Library implements security protocols
David W. Green Library perspective Library Systems Analyst
Wiley Green External 2021-10.potx 14 Shared Responsibility Collaboration is Key • Not an IT problem • Attacks not unique to IT • …or to Fortune 500 companies • We’re vulnerable Worst thing to do is do nothing
Wiley Green External 2021-10.potx 15 Engagement Connections • Seek conference and workshop opportunities • EDUCAUSE • SNSI Upcoming Events What we’re doing • OPLIN, SEO, OhioLINK • Online webinars • Cybersecurity Conference
Wiley Green External 2021-10.potx 16 Awareness Campaign for Information Security • Consider patrons, faculty, yourself • Connect with IT for potential collaboration What we’re doing • Open Office Hours • Cybersecurity Awareness Month • Weekly Cyber Security Briefs • CISA
Wiley Green External 2021-10.potx 17 Mature Security Practices Authentication • Modern authentication • SAML / OpenID Connect What we’re doing • EZproxy • OHID (State of Ohio’s SSO) • Moving away from barcodes (TODO)
Wiley Green External 2021-10.potx 18 Mature Security Practices Passwords • Password managers • Complex • Unique What we’re doing • No more Post-It Notes! • Password Manager for all staff • Multi-Factor Authentication app
Wiley Green External 2021-10.potx 19 Mature Security Practices
Wiley Green External 2021-10.potx 20 Mature Security Practices Other things • Security Hygiene • SSL everywhere • Backup (and restore!) • Electronic resources • PaaS/SaaS What we’re doing • Let’s Encrypt • haveibeenpwned • “Tested” our backup… • Static websites
Wiley Green External 2021-10.potx 21 Have a Plan Incident Response… Cyber Attack… Business Continuity… Cybersecurity… Communications…
Matthew Ragucci Associate Director, B2B Product Marketing Publisher Perspectives on Cybersecurity
Wiley Green External 2021-10.potx 23 Content Protection & Privacy Security is a multi-stakeholder concern • Striking a balance • We can have both privacy and protection Abuse monitoring systems • Robust and effective • Protects content and institutions Obligations to protect user & institutional data Regulation compliance https://unsplash.com/photos/YccQtENMuXw
Wiley Green External 2021-10.potx 24 Institutional Scenarios Compromised credentials Disruptive IP blocks False/inflated usage data in COUNTER reports Ransomware attacks Going offline and diminished usage https://unsplash.com/photos/icrhAD-qidc
Wiley Green External 2021-10.potx 25 Protect user privacy and against disruption: ✔ EZproxy Pseudonymous Identifier SAML-based authentication: ✔ Federations ✔ Shibboleth ✔ OpenAthens Cross-industry, friction reduction initiatives: ✔ GetFTR ✔ Seamless Access ✔ Content Syndication Potential Solutions https://unsplash.com/photos/TQ3JV9ECgLM
Wiley Green External 2021-10.potx 26 About the Scholarly Networks Security Initiative ▪ The Scholarly Networks Security Initiative (SNSI) brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data. ▪ Members include large and small publishers, learned societies and university presses, libraries and others involved in scholarly communications. ACADEMIC IT SECURITY LIBRARY RESEARCH PUBLISHING
Wiley Green External 2021-10.potx 27 SNSI tips for academic librarians on building strong information security defenses at your institution
https://tinyurl.com/SNSITips
Questions? Ask the panelists https://unsplash.com/photos/YndHL7gQIJE
https://unsplash.com/photos/2DH-qMX6M4E Thank You!

Check these out next

ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx

Recommandé

Contenu connexe

Similaire à ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx(20)

Plus de Matthew Ragucci(18)

Dernier(20)

ER&L 2023 - Invisible Threat, Cybercrime and the Library.pptx