Home

Overview

Program

Schedule of Events

Committee

Registration

Contributors

San Diego

Hotel

Travel Information

Computer-Related Incidents: Their Cause and Prevention

Presenters:
        Virginia Rezmierski, University of Michigan
        Mark Bard, University of Michigan

One might think that the primary source of information technology incidents is external threats. Is this assumption correct? Computer-related incidents, such as data breeches, copyright infringement, phishing expeditions, insertion of spyware, unauthorized access and network intrusions, take place on college campuses every day. What causes them and what should we do to prevent them?

The Computer Incident Factor Analysis and Categorization (CIFAC) project was designed to research and examine computer-related incidents and to understand their sources, types, causal factors, and practices for prevention, mitigation and management. For the last two years, data on 319 incidents were collected and analyzed from a sample of 36 college and universities across the United States. Researchers found that the lack of policy, user security awareness education and a deficiency of training for IT and non-IT personnel are the leading causes of these incidents. Results showed the importance of rapid response, open communication and inter-disciplinary incident response teams. Results also showed the need for automated intrusion detection and response mechanism.

This presentation will provide information on the CIFAC study, its methodology, its results and the importance of the findings for practitioners. Researchers will facilitate a discussion of computer-related incidents and answer questions on CIFAC findings.