This workshop will discuss a "security fundamentals" approach that prioritizes improving core operational practices using existing tools over implementing complex and expensive technologies. Colleges and universities have limited staff, funding, and time to apply against an almost unending storm of problems. In this workshop we will explore some practical approaches to cybersecurity. During the session, we will look at the topics of risk management, zero trust, architecture, and identity/account management. Attendees will also contribute to a collective self-assessment of their institutions' cybersecurity efforts to help identify areas where some changes in strategy or tactics may lead to a more practical, manageable approach to the issue.
Outcomes: Attendees will participate in an information security program assessment exercise, understand how a risk-management approach can aid in leading to practical cybersecurity solutions, and learn what innovative approaches other institutions are taking to cybersecurity concerns.
