New to the guide?
- Welcome to the Guide! Learn how to find the info you need quickly.
- Check out the latest toolkits and resources.
- Browse the hot topics.
- Dive into one of the 16 chapters. (Note: Privacy chapter coming soon!)
- Learn how to advance your infosec career
- 2016 Top 3 Strategic Information Security Issues
- EDUCAUSE 2016 Top 10 IT Issues
- 2016 CDS Spotlight: Information Security
- Security Matters blog column in EDUCAUSE Review
- Evolution and Ascent of the CISO
- The Chief Privacy Officer in Higher Education
- 2015 Strategic Information Security Issues Infographic
- Higher Education Information Security Awareness Programs (ECAR Research Bulletin)
- The Successful Security Awareness Professional: Foundational Skills & Continuing Education Strategies (ECAR Research Bulletin)
- DNSSEC Technology Spotlight
- OpenPGP Technology Spotlight
- PKI Technology Spotlight
- CISO Job Description Template
- Cyber Liability Insurance FAQ
- Data Classification Toolkit
- Data Incident Notification Toolkit
- DIY Video and Poster Security Awareness Contest New!
- Information Security Program Self-Assessment Tool Updated!
- Mentoring Toolkit
- National Cyber Security Awareness Month Resource Kit
- Toolkit for New CISOs
- 2016 Campus Security Awareness Campaign New!
- Confidential Data Handling Blueprint
- Cybersecurity Awareness Resource Library
- Data Protection Contractual Language: Common Themes and Examples
- Developing Your Campus Information Security Website
- GRC FAQ
- Incident Checklist for Sensitive Data Exposures
- Information Security Governance
- Mobile Internet Device Security Guidelines
- Overview of Bro
- Password Managers
- Risk Management Framework
- Security Awareness Quick Start Guide & Security Awareness Detailed Instruction Manual Updated!
- Speakers Bureau
- Third-Party Security Awareness Training Tools
- Training and Certifications for Security and Privacy Professionals
Hot Topics!
Other Higher Education Resources
- EDUCAUSE Cybersecurity Initiative Website
- EDUCAUSE Cybersecurity & HEISC News
- Internet2 Security Website
- Annual Security Professionals Conference
- EDUCAUSE Cybersecurity Resource Page
- EDUCAUSE Security Discussion Group Listserv
- Research and Education Networking Information Sharing and Analysis Center (REN-ISAC)
- Best Practices in Cybersecurity for NSF Large Facilities
- UCISA Information Security Management Toolkit (Edition 1.0, Volume 1)
Featured Government and Industry Resources
- Digital Services Playbook (U.S. Government)
- Ponemon Institute's Security Research Studies & White Papers
- Symantec's Compliance Matrix Poster
- Verizon's Data Breach Incidents Report (DBIR)
About the Guide
The Higher Education Information Security Council (HEISC) supports higher education institutions as they improve information security governance, compliance, data protection, and privacy programs. This guide, created by practitioners for practitioners, features toolkits, case studies, effective practices, and recommendations to help jump-start campus information security initiatives. Don't reinvent the wheel – get all of the resources you need here.
Contribute
As a community-driven, community-serving project, it is important for this initiative to incorporate experiences and perspectives from many different institutions. To contribute examples of practices that have been effective in your institution, please consider submitting a case study or contact security-council@educause.edu.
Questions or comments? Contact us.
Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).