Data Protection for Higher Education
Kate Carruthers
UNSW Sydney
August 2021
Edutech 2021
Agenda
• Data protection issues
• Some tips on where to start
• The need for teamwork
7 September, 2021 UNSW Sydney | Data Protection for Higher Education 1
Higher Education Context
• Teaching: Increasing amounts of student and staff interaction data
• Research: Huge volumes of data – anything from patient clinical data to climate data and everything in between.
• Administration: Large amounts of PII for staff and students: TFNs, Bank accounts, etc.
Data governance is a key foundation for cyber &
information security
Cyber security, information security, data
governance, and enterprise risk management
are a key focus
Some definitions
Data Governance
"Data governance is the
organization and
implementation of policies,
procedures, structure, roles,
and responsibilities which
outline and enforce rules of
engagement, decision rights,
and accountabilities for the
effective management of
information assets."
(John Ladley, Data Governance: How to Design, Deploy and Sustain an Effective Data Governance Program, 2012)
Cyber security
and information
security are not
the same thing
Cyber Security
“The ability to protect
or defend the use of
cyberspace from cyber
attacks.”
Source: NIST Computer Security Resource Center - CNSSI-4009-2015
Information Security
“The protection of information and
information systems from
unauthorized access, use, disclosure,
disruption, modification, or
destruction in order to provide
confidentiality, integrity, and
availability.”
Source(s): NIST Computer Security Resource Center - FIPS 199 (44 U.S.C., Sec. 3542)
Attack Surface
1. Digital attack surface
   o Known assets
   o Unknown assets
   o Rogue assets
2. Physical attack surface
3. Social engineering attack surface
Threat landscape
“Threat landscape maps
Malware standing strong as
#1 Cyber Threat in the EU,
with an increase in Phishing,
Identity Theft, Ransomware;
Monetisation holding its place
as cyber criminals’ top
motivation; and the COVID-19
environment fuelling attacks
on homes, businesses,
governments and critical
infrastructure.”
Source: ENISA Threat Landscape 2020: Cyber Attacks Becoming More Sophisticated, Targeted, Widespread and Undetected:
https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020
Impact of cybercrime in Australia
Source: Cyber Security and Australian Small Businesses Results from the Australian Cyber Security Centre Small Business Survey, Nov 2020. Small Business Survey Results | Cyber.gov.au
Top threats
1. Malware
2. Web-based Attacks
3. Phishing
4. Web Application Attacks
5. SPAM
6. Distributed Denial of Service (DDoS)
7. Identity Theft
8. Data Breach
9. Insider Threat
10. Botnets
11. Physical Manipulation, Damage, Theft and Loss
12. Information Leakage
13. Ransomware
14. Cyber Espionage
15. Crypto-jacking
https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020
The perimeter has shifted
The perimeter is everywhere now
https://www.isaca.org/resources/isaca-journal/issues/2020/volume-6/harnessing-zero-trust-security
This means that we need to
evolve our practices.
We can’t hide behind our
firewalls any more.
Data security is not just one thing
Data & Information Governance
Cyber & Information Security
Privacy
Data Management practices
Policies & Procedures
People & culture
Risk Management
Practices
Source: http://beyondplm.com/2014/07/22/plm-implementations-nuts-and-bolts-of-data-silos/
Five knows of data security
Data privacy & security
Source: https://www.bdo.com/services/business-financial-advisory/governance,-risk-compliance/data-privacy
How Data Governance helps with defence in depth
• Identify data at risk
• Locate sensitive data
• Enables sensitive data to be stored & managed properly
• Identify sensitive data users
• Ensure consistent data access processes
• Ensure safer access to sensitive data
Identify data at risk
• Who is using sensitive data
• Location of data
• Map data flows through the enterprise
• Organisational data stewardship with business
• Data access management
• Mitigate people risk to data
Incident response framework
Source: https://www.bdo.com/services/business-financial-advisory/governance,-risk-compliance/data-privacy
Information Security Lifecycle
10 practices to secure your data
1. Know which data assets need protection
2. Encrypt important data
3. Undertake user awareness training
4. Only store necessary data
5. Close unnecessary open ports
• Confidentiality: Prevent unauthorised disclosure
• Integrity: Data cannot be modified in an unauthorised manner
• Availability: Information should be available for authorised users
10 practices to secure your data
6. Implement MFA
7. Review network segmentation
8. Improve email security:
   o Sender Policy Framework (SPF)
   o DomainKeys Identified Mail (DKIM)
   o Domain-based Message Authentication, Reporting, & Conformance (DMARC)
9. Establish regular user access reviews
10. Establish a patching schedule
Team work
“Cybersecurity [and
information security] should
be managed as a risk
discipline across the three
lines of defense — ownership,
oversight and assurance.”
Source: The Convergence of Operational Risk and Cyber Security. Accenture.
The Convergence of Operational Risk and Cyber Security (accenture.com)
Traditional 3 lines of defence model
• 1st line of defence – functions that own and manage risk
• 2nd line of defence – functions that specialise in risk management and compliance
• 3rd line of defence – functions that provide independent assurance and internal audit
Cyber security
Information Security
Privacy
Data & Information Governance
Management
controls
Internal control
measures
Internal audit
Financial Control
Security
Risk Management
Quality
Inspection
Compliance
SENIOR MANAGEMENT
GOVERNING BODY, AUDIT COMMITTEE
First line of defence Second line of defence Third line of defence
External
audit
Regulator
https://www.accenture.com/us-en/blogs/blogs-new-data-ethics-guidelines-organizations-digital-trust
The essential team
Privacy
Cyber & Information Security
Risk Management
Ethics
Data & Information Governance
What we’ve learned so far
• Methodically build up defensive layers
• Every day do one thing better
• Data is an asset and should be managed
• Data security is a team effort, and it needs everyone to work collaboratively
• It is a journey not a destination
Data security is a team effort
Thank you
k.carruthers@unsw.edu.au

Contenu connexe

Tendances

Big Data and Goverment Analytics
Big Data and Goverment AnalyticsBig Data and Goverment Analytics
Big Data and Goverment Analytics
Khaled Ghadban
 
Keith prabhu global high on cloud summit
Keith prabhu  global high on cloud summitKeith prabhu  global high on cloud summit
Keith prabhu global high on cloud summit
administrator_confidis
 
Privacy is at the heart of data protection
Privacy is at the heart of data protectionPrivacy is at the heart of data protection
Privacy is at the heart of data protection
Jisc
 

Tendances (20)

Internet of Things and Governance
Internet of Things and GovernanceInternet of Things and Governance
Internet of Things and Governance
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 
Big Data and Goverment Analytics
Big Data and Goverment AnalyticsBig Data and Goverment Analytics
Big Data and Goverment Analytics
 
Keith prabhu global high on cloud summit
Keith prabhu  global high on cloud summitKeith prabhu  global high on cloud summit
Keith prabhu global high on cloud summit
 
The Cybersecurity Executive Order
The Cybersecurity Executive OrderThe Cybersecurity Executive Order
The Cybersecurity Executive Order
 
Your Worst GDPR Nightmare - Unstructured Data
Your Worst GDPR Nightmare - Unstructured DataYour Worst GDPR Nightmare - Unstructured Data
Your Worst GDPR Nightmare - Unstructured Data
 
Social media: balancing risk and control
Social media: balancing risk and controlSocial media: balancing risk and control
Social media: balancing risk and control
 
Big data contains valuable information - Protect It!
Big data contains valuable information - Protect It!Big data contains valuable information - Protect It!
Big data contains valuable information - Protect It!
 
Ethics of Big Data
Ethics of Big DataEthics of Big Data
Ethics of Big Data
 
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...
 
Big Data Ecosystem for Data-Driven Decision Making
Big Data Ecosystem for Data-Driven Decision MakingBig Data Ecosystem for Data-Driven Decision Making
Big Data Ecosystem for Data-Driven Decision Making
 
TiE DC GovCon Panel on Emerging Technologies: AI/ML/Blockchain/Data Managemen...
TiE DC GovCon Panel on Emerging Technologies: AI/ML/Blockchain/Data Managemen...TiE DC GovCon Panel on Emerging Technologies: AI/ML/Blockchain/Data Managemen...
TiE DC GovCon Panel on Emerging Technologies: AI/ML/Blockchain/Data Managemen...
 
Build Your Foundation: Strategies and Tools for Managing Retention and Person...
Build Your Foundation: Strategies and Tools for Managing Retention and Person...Build Your Foundation: Strategies and Tools for Managing Retention and Person...
Build Your Foundation: Strategies and Tools for Managing Retention and Person...
 
Getting Started with GDPR Compliance
Getting Started with GDPR ComplianceGetting Started with GDPR Compliance
Getting Started with GDPR Compliance
 
Safeguarding Your Brand With Secure IT Asset Disposition
Safeguarding Your Brand With Secure IT Asset DispositionSafeguarding Your Brand With Secure IT Asset Disposition
Safeguarding Your Brand With Secure IT Asset Disposition
 
Presentation
PresentationPresentation
Presentation
 
Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessments
 
295256_Security_Problem_Whitepaper.Web
295256_Security_Problem_Whitepaper.Web295256_Security_Problem_Whitepaper.Web
295256_Security_Problem_Whitepaper.Web
 
Privacy is at the heart of data protection
Privacy is at the heart of data protectionPrivacy is at the heart of data protection
Privacy is at the heart of data protection
 
BCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss PreventionBCS ITNow 201403 - Data Loss Prevention
BCS ITNow 201403 - Data Loss Prevention
 

Similaire à Data Protection for Higher Education

Data security as a top priority in the digital world: preserve data value by ...
Data security as a top priority in the digital world: preserve data value by ...Data security as a top priority in the digital world: preserve data value by ...
Data security as a top priority in the digital world: preserve data value by ...
Anastasija Nikiforova
 

Similaire à Data Protection for Higher Education (20)

STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
 
Cases
CasesCases
Cases
 
Safeguarding K-12 Organizations from Cybersecurity Threats WPGC.pdf
Safeguarding K-12 Organizations from Cybersecurity Threats  WPGC.pdfSafeguarding K-12 Organizations from Cybersecurity Threats  WPGC.pdf
Safeguarding K-12 Organizations from Cybersecurity Threats WPGC.pdf
 
IS-Intro.pdf
IS-Intro.pdfIS-Intro.pdf
IS-Intro.pdf
 
Network security # Lecture 1
Network security # Lecture 1Network security # Lecture 1
Network security # Lecture 1
 
ID-20305090 Fahim Montasir.pptx
ID-20305090 Fahim Montasir.pptxID-20305090 Fahim Montasir.pptx
ID-20305090 Fahim Montasir.pptx
 
Abhishek kurre.pptx
Abhishek kurre.pptxAbhishek kurre.pptx
Abhishek kurre.pptx
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
 
Cybersecurity - Strategy, Policy and Practice
Cybersecurity - Strategy, Policy and PracticeCybersecurity - Strategy, Policy and Practice
Cybersecurity - Strategy, Policy and Practice
 
Policies to mitigate cyber risk
Policies to mitigate cyber riskPolicies to mitigate cyber risk
Policies to mitigate cyber risk
 
Cyber Risk – The New Norm
Cyber Risk – The New NormCyber Risk – The New Norm
Cyber Risk – The New Norm
 
Cyber security analysis presentation
Cyber security analysis presentationCyber security analysis presentation
Cyber security analysis presentation
 
Data security as a top priority in the digital world: preserve data value by ...
Data security as a top priority in the digital world: preserve data value by ...Data security as a top priority in the digital world: preserve data value by ...
Data security as a top priority in the digital world: preserve data value by ...
 
Event report 2014 published
Event report 2014 publishedEvent report 2014 published
Event report 2014 published
 
Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatu
 
Presentation to GFCE 2019 in Addis Ababa, Ethiopia
Presentation to GFCE 2019 in Addis Ababa, EthiopiaPresentation to GFCE 2019 in Addis Ababa, Ethiopia
Presentation to GFCE 2019 in Addis Ababa, Ethiopia
 
A Comprehensive Review of Cyber Security, Threats and Cyber Attacks
A Comprehensive Review of Cyber Security, Threats and Cyber AttacksA Comprehensive Review of Cyber Security, Threats and Cyber Attacks
A Comprehensive Review of Cyber Security, Threats and Cyber Attacks
 
IRJET- Big Data Privacy and Security Challenges in Industries
IRJET- Big Data Privacy and Security Challenges in IndustriesIRJET- Big Data Privacy and Security Challenges in Industries
IRJET- Big Data Privacy and Security Challenges in Industries
 
Security and Privacy of Big Data in Mobile Devices
Security and Privacy of Big Data in Mobile DevicesSecurity and Privacy of Big Data in Mobile Devices
Security and Privacy of Big Data in Mobile Devices
 
Fundamental Areas of Cyber Security on Latest Technology
Fundamental Areas of Cyber Security on Latest TechnologyFundamental Areas of Cyber Security on Latest Technology
Fundamental Areas of Cyber Security on Latest Technology
 

Plus de Kate Carruthers

The Power of Social Business
The Power of Social BusinessThe Power of Social Business
The Power of Social Business
Kate Carruthers
 
Social innovation Sydney Case Study
Social innovation Sydney Case StudySocial innovation Sydney Case Study
Social innovation Sydney Case Study
Kate Carruthers
 

Plus de Kate Carruthers (20)

Starting data governance
Starting data governance Starting data governance
Starting data governance
 
Info Sec, AI, and Ethics
Info Sec, AI, and EthicsInfo Sec, AI, and Ethics
Info Sec, AI, and Ethics
 
Future proof your career
Future proof your career  Future proof your career
Future proof your career
 
Taking disruption for granted
Taking disruption for grantedTaking disruption for granted
Taking disruption for granted
 
The Internet of Things - 36th International Conference of Privacy and Data Co...
The Internet of Things - 36th International Conference of Privacy and Data Co...The Internet of Things - 36th International Conference of Privacy and Data Co...
The Internet of Things - 36th International Conference of Privacy and Data Co...
 
Building the sharing economy
Building the sharing economy Building the sharing economy
Building the sharing economy
 
Hardware is Hard - Products are Hard Melbourne 2013
Hardware is Hard - Products are Hard Melbourne 2013Hardware is Hard - Products are Hard Melbourne 2013
Hardware is Hard - Products are Hard Melbourne 2013
 
Social and technology trends for banking
Social and technology trends for bankingSocial and technology trends for banking
Social and technology trends for banking
 
Internet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business ModelsInternet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business Models
 
Crowdfunding
CrowdfundingCrowdfunding
Crowdfunding
 
Your blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blogYour blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blog
 
Social media for social good 2012
Social media for social good 2012Social media for social good 2012
Social media for social good 2012
 
Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012
 
Failing in the right direction
Failing in the right directionFailing in the right direction
Failing in the right direction
 
The Power of Social Business
The Power of Social BusinessThe Power of Social Business
The Power of Social Business
 
Gathering11 - envisioning change
Gathering11 - envisioning changeGathering11 - envisioning change
Gathering11 - envisioning change
 
Social innovation Sydney Case Study
Social innovation Sydney Case StudySocial innovation Sydney Case Study
Social innovation Sydney Case Study
 
Beta space | introduction websites
Beta space | introduction websitesBeta space | introduction websites
Beta space | introduction websites
 
Leadership and the Digital Revolution
Leadership and the Digital RevolutionLeadership and the Digital Revolution
Leadership and the Digital Revolution
 
#C3t The Command & Control of Twitter
#C3t The Command & Control of Twitter#C3t The Command & Control of Twitter
#C3t The Command & Control of Twitter
 

Dernier

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Data Protection for Higher Education

  • 1. Data Protection for Higher Education Kate Carruthers UNSW Sydney August 2021 Edutech 2021
  • 2. Agenda • Data protection issues • Some tips on where to start • The need for teamwork 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 1
  • 3. 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 2 Higher Education Context
  • 4. Higher Education Context Teaching Research Administration 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 3 Increasing amounts of student and staff interaction data Huge volumes of data – anything from patient clinical data to climate data and everything in between. Large amounts of PII for staff and students: TFNs, Bank accounts, etc.
  • 5. 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 4 Data governance is a key foundation for cyber & information security Cyber security, information security, data governance, and enterprise risk management are a key focus
  • 6. 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 5
  • 7. 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 6
  • 8. 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 7 Some definitions
  • 9. Data Governance "Data governance is the organization and implementation of policies, procedures, structure, roles, and responsibilities which outline and enforce rules of engagement, decision rights, and accountabilities for the effective management of information assets." (John Ladley, Data Governance: How to Design, Deploy and Sustain an Effective Data Governance Program, 2012) 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 8
  • 10. Cyber security and information security are not the same thing 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 9
  • 11. Cyber Security 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 10 “The ability to protect or defend the use of cyberspace from cyber attacks.” Source: NIST Computer Security Resource Center - CNSSI-4009-2015
  • 12. Information Security 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 11 “The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.” Source(s): NIST Computer Security Resource Center - FIPS 199 (44 U.S.C., Sec. 3542)
  • 13. Attack Surface 1.Digital attack surface oKnown assets oUnknown assets oRogue assets 2.Physical attack surface 3.Social engineering attack surface 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 12
  • 14. 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 13 Threat landscape
  • 15. Threat landscape “Threat landscape maps Malware standing strong as #1 Cyber Threat in the EU, with an increase in Phishing, Identity Theft, Ransomware; Monetisation holding its place as cyber criminals’ top motivation; and the COVID-19 environment fuelling attacks on homes, businesses, governments and critical infrastructure.” 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 14 Source ENISA Threat Landscape 2020: Cyber Attacks Becoming More Sophisticated, Targeted, Widespread and Undetected: https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020
  • 16. Impact of cybercrime in Australia 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 15 Source: Cyber Security and Australian Small Businesses Results from the Australian Cyber Security Centre Small Business Survey, Nov 2020. Small Business Survey Results | Cyber.gov.au
  • 17. Top threats 1. Malware 2. Web-based Attacks 3. Phishing 4. Web Application Attacks 5. SPAM 6. Distributed Denial of Service (DDoS) 7. Identity Theft 8. Data Breach 9. Insider Threat 10. Botnets 11. Physical Manipulation, Damage, Theft and Loss 12. Information Leakage 13. Ransomware 14. Cyber Espionage 15. Crypto-jacking 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 16 https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020
  • 18. Top threats 1. Malware 2. Web-based Attacks 3. Phishing 4. Web Application Attacks 5. SPAM 6. Distributed Denial of Service (DDoS) 7. Identity Theft 8. Data Breach 9. Insider Threat 10. Botnets 11. Physical Manipulation, Damage, Theft and Loss 12. Information Leakage 13. Ransomware 14. Cyber Espionage 15. Crypto-jacking 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 17 https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020
  • 19. The perimeter has shifted 7 September, 2021 UNSW Sydney | Data Protection for Higher Education 18
  • 20. The perimeter is everywhere now https://www.isaca.org/resources/isaca-journal/issues/2020/volume-6/harnessing-zero-trust-security
  • 21. This means that we need to evolve our practices. We can’t hide behind our firewalls any more.
  • 22. Data security is not just one thing: Data & Information Governance; Cyber & Information Security; Privacy; Data Management practices; Policies & Procedures; People & culture; Risk Management
  • 23. Practices
  • 24. Source: http://beyondplm.com/2014/07/22/plm-implementations-nuts-and-bolts-of-data-silos/
  • 25. Five knows of data security
  • 26. Data privacy & security. Source: https://www.bdo.com/services/business-financial-advisory/governance,-risk-compliance/data-privacy
  • 27. How Data Governance helps with defence in depth: Identify data at risk; Locate sensitive data; Enables sensitive data to be stored & managed properly; Identify sensitive data users; Ensure consistent data access processes; Ensure safer access to sensitive data
  • 28. Identify data at risk; Who is using sensitive data; Location of data; Map data flows through the enterprise; Organisational data stewardship with business; Data access management; Mitigate people risk to data
  • 29. Incident response framework. Source: https://www.bdo.com/services/business-financial-advisory/governance,-risk-compliance/data-privacy
  • 32. 10 practices to secure your data
      1. Know which data assets need protection
      2. Encrypt important data
      3. Undertake user awareness training
      4. Only store necessary data
      5. Close unnecessary open ports
      Confidentiality: Prevent unauthorised disclosure
      Integrity: Data cannot be modified in an unauthorised manner
      Availability: Information should be available for authorised users
  • 33. 10 practices to secure your data
      6. Implement MFA
      7. Review network segmentation
      8. Improve email security:
         o Sender Policy Framework (SPF)
         o DomainKeys Identified Mail (DKIM)
         o Domain-based Message Authentication, Reporting, & Conformance (DMARC)
      9. Establish regular user access reviews
      10. Establish a patching schedule
  • 34. Team work
  • 35. “Cybersecurity [and information security] should be managed as a risk discipline across the three lines of defense — ownership, oversight and assurance.” Source: The Convergence of Operational Risk and Cyber Security, Accenture (accenture.com)
  • 36. Traditional 3 lines of defence model
      1st line of defence – functions that own and manage risk
      2nd line of defence – functions that specialise in risk management and compliance
      3rd line of defence – functions that provide independent assurance and internal audit
  • 37. Diagram labels: Cyber security; Information Security; Privacy; Data & Information Governance; Management controls; Internal control measures; Internal audit; Financial Control; Security; Risk Management; Quality; Inspection; Compliance; SENIOR MANAGEMENT; GOVERNING BODY, AUDIT COMMITTEE; First line of defence; Second line of defence; Third line of defence; External audit; Regulator
  • 38. https://www.accenture.com/us-en/blogs/blogs-new-data-ethics-guidelines-organizations-digital-trust
  • 39. The essential team: Privacy; Cyber & Information Security; Risk Management; Ethics; Data & Information Governance
  • 40. What we’ve learned so far
      • Methodically build up defensive layers
      • Every day do one thing better
      • Data is an asset and should be managed
      • Data security is a team effort, and it needs everyone to work collaboratively
      • It is a journey not a destination
  • 41. Data security is a team effort
  • 42. Thank you k.carruthers@unsw.edu.au