Good Enough Security: When Is It Good Enough?

Tuesday, May 05 | 10:15AM–11:00AM
Session Type: Professional Development
While many security professionals focus on best practices, in many cases "good enough" security would suffice for deflecting the majority of threats. In an effort to maintain a balanced viewpoint and avoid becoming myopic regarding security requirements, it is important that we come to terms with what level of security is "good enough" within the culture of higher education. Join us for an interactive, spirited, and subjective discussion regarding what level of security is "good enough" in areas such as password complexity and change requirements, network architecture, endpoint security, and many other specific scenarios.

OUTCOMES: Engage in spirited discussion regarding what security measures are adequate for specific scenarios * Leave with a checklist of "good enough" security measures that can be implemented in your own environment


  • Matt Nappi

    Chief Information Security Officer & Assistant Vice President, Stony Brook University

Resources & Downloads