sealPurdue News
____

March 28, 2002

Purdue center leads effort to observe Information Security Week

WEST LAFAYETTE, Ind. – Purdue University security experts will launch a series of workshops, lectures, informational Web sites and giveaways April 15-19 designed to help Hoosiers and state businesses better secure the information stored on their computers and electronic networks.

Indiana Information Security Week, celebrated this year for the first time, aims to increase awareness of information security issues and provide practical information to Indiana business leaders, educators and home computer users, said Teresa Bennett, strategic manager for the Center for Education and Research in Information Assurance and Security, or CERIAS.

"An increased dependence on information systems has led to considerable security challenges, including threats to national and state security," Bennett said. "Better security would be possible today if operators and users, including home computer users, took some simple, but appropriate, steps."

CERIAS, pronounced "serious," is widely recognized as the world's foremost academic center in information security and privacy. Organized as a multidisciplinary center, more than 100 faculty and graduate students interact with business and industry to conduct research into privacy, computer and network protection, e-commerce, cybercrime, computer-based terrorism and national defense.

The awareness campaign will kick off at Purdue's Stewart Center on April 16-18 with the Information Security Symposium, which will focus on the issues of privacy, protection of intellectual and proprietary property, wireless business and intrusion detection. Local and national experts will be on hand to discuss these issues.

The public can learn more about security issues on Thursday, April 18, by participating in one of the following five workshops:

• Securing Your Web site: Practical tips and techniques for securing your Web site.

• Windows Security: Information security as it crosses the platform Windows 2000.

• Security Management: Policy and training in creating an information security culture so that employees are functioning like a firewall.

• Network Security: A primer on network security, includes an introduction to network threats, vulnerabilities and security.

• Intrusion Detection: Overview of intrusion detection systems, types of systems, advantages to different intrusion detection systems as well as the drawbacks.

Information on workshop fees and registration is available on the web.

During the week, the Purdue center also will unveil a series of Web sites aimed at educators, students, business and industrial leaders, and home computer users. The information and security resource Web site includes:

• Top 10 lists of security concerns for teachers and a list of things students can do to secure their computers.

• Free CD downloads April 15-19 on information security management concepts. The CD is part of a three-part series developed for, and marketed to, business and industrial leaders.

• A set of articles and list of things home computer users and businesses can do to secure their computers systems and private information.

The events are part of an ongoing outreach effort by CERIAS to educate people on security issues, Bennett said. The center offers continuing education and K-12 programs to provide curriculum resources and free professional development workshops for teachers. CERIAS also offers corporate training and can provide on- or off-site workshops for business and industry.

Melissa Dark, continuing education coordinator for CERIAS, says the number of information security challenges will continue to rise as computers are increasingly used in business and education.

"Computer systems are interdependent entities, making them vulnerable to accidents, criminal behavior, and malicious activity," she says. "A recent study reported a 220 percent increase in computer security breaches from 1999 to 2000."

One type of computer attack, viruses, was reported to have cost as much as $12.3 billion nationwide to clean up in 2001, Dark says.

Experts note that businesses and governments are not the only ones at risk. Home computers and home offices are targets and can be used for a variety of malicious activities including identity theft, pornography, vehicles for denial of service attacks and vandalism.

"A growing number of home computers are connected directly to the Internet through high-speed DSL and cable lines that remain open all the time, making them more vulnerable to break-ins," Dark says.

While the same holds true for business computers, a key difference is that many home users are unaware of Internet threats, she says.

"Home users need to know computer security issues and solutions," Dark says. "Computer maintenance should be as routine as locking your house."

For further information on CERIAS or Indiana Information Security Week events, contact: Teresa A. Bennett, (765) 494-7806, tkbennet@cerias.purdue.edu.

Writer: Susan Gaidos, (765) 494-2081; sgaidos@purdue.edu

Source: Teresa Bennett, (765) 494-7806, tkbennet@cerias.purdue.edu

Purdue News Service: (765) 494-2096; purduenews@purdue.edu


* To the Purdue News and Photos Page