New to the guide?
- Welcome to the Guide! Learn how to find the info you need quickly.
- Check out the latest toolkits and resources.
- Browse the hot topics.
- Dive into one of the 15 chapters.
- 2016 Top 3 Strategic Information Security Issues New!
- EDUCAUSE 2016 Top 10 IT Issues New!
- Security Matters blog column in EDUCAUSE Review New!
- Evolution and Ascent of the CISO
- The Chief Privacy Officer in Higher Education
- 2015 Strategic Information Security Issues InfographicNew!
- Password Managers New!
- Third-Party Security Awareness Training ToolsNew!
- 7 Things You Should Know About Cloud Security
- 7 Things You Should Know About DNSSEC
- 7 Things You Should Know About IPv6
- 7 Things You Should Know About Mobile Security
- CISO Job Description Template
- Cyber Liability Insurance FAQ New!
- Data Classification Toolkit
- Data Incident Notification Toolkit
- Information Security Program Self-Assessment Tool Updated!
- Mentoring Toolkit
- National Cyber Security Awareness Month Resource Kit
- Toolkit for New CISOs
- 2016 Campus Security Awareness Campaign New!
- Confidential Data Handling Blueprint
- Cybersecurity Awareness Resource Library
- Data Protection Contractual Language: Common Themes and Examples
- Developing Your Campus Information Security Website
- GRC FAQ
- Guidelines for Data De-Identification or Anonymization
- Guidelines for Information Media Sanitization
- Guidelines for Responding to Compulsory Legal Requests for Information
- Incident Checklist for Sensitive Data Exposures
- Information Security Governance
- Mobile Internet Device Security Guidelines
- Overview of Bro
- Risk Management Framework
- Security Awareness Quick Start Guide and Security Awareness Detailed Instruction Manual Updated!
- Speakers Bureau
- Top Information Security Concerns for Researchers
Hot Topics!
Other Higher Education Resources
- EDUCAUSE Cybersecurity Initiative Website
- EDUCAUSE Cybersecurity & HEISC News
- Internet2 Security Website
- Annual Security Professionals Conference
- EDUCAUSE Cybersecurity Resource Page
- EDUCAUSE Security Discussion Group Listserv
- Research and Education Networking Information Sharing and Analysis Center (REN-ISAC)
- Best Practices in Cybersecurity for NSF Large Facilities
- UCISA Information Security Management Toolkit (Edition 1.0, Volume 1)
Featured Government and Industry Resources
- Digital Services Playbook (U.S. Government)
- Ponemon Institute's Security Research Studies & White Papers
- Symantec's Compliance Matrix Poster
- Verizon's Data Breach Incidents Report (DBIR)
About the Guide
The Higher Education Information Security Council (HEISC) supports higher education institutions as they improve information security governance, compliance, data protection, and privacy programs. This guide, created by practitioners for practitioners, features toolkits, case studies, effective practices, and recommendations to help jump-start campus information security initiatives. Don't reinvent the wheel – get all of the resources you need here.
Contribute
As a community-driven, community-serving project, it is important for this initiative to incorporate experiences and perspectives from many different institutions. To contribute examples of practices that have been effective in your institution, please consider submitting a case study or contact security-council@educause.edu.
Questions or comments? Contact us.
Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).