KSU Cyber Security Awareness Day 201126 Oct 2011 in Security
Today was the KSU Cyber Security Awareness Day, presented by KSU's Information Technology Services (a sister department to the department I work in), and it was a resounding success! There were several presentations that had standing-room only attendance, and for good reason.
My personal favorites:
Mike Rothman from Securosis on finding happiness in information security. Mike's presentation was as much about being happy in your job and in your life as it was about cyber security, but he asked a number of very pointed questions. Questions about pay/salary, job satisfaction, and life priorities. I found the questions unsettling, not because of the actual question, but because I realized that I'd been subconsciously thinking those same things for quite a while now. The take away from his presentation can probably be summed up as "Is what you're doing today getting you where you want to go?"
Rob Ragan of Stach & Liu came to talk about "Google hacking" and the Diggity tool he's put together. Rob presented a number of very revealing things that can be found just by performing searches on the common search engines, and a number of people in the audience were disturbed to find out how information can be (mis-)handled. At one point, Rob stated he had run a search on Kennesaw's web presence and found about 11,000 possible pieces of sensitive information. It was mildly amusing to see the reaction of the members of our ISO until it was realized that he had searched on "ksu.edu" and not "kennesaw.edu". I hope K-State is aware of the 11,000 possible hits.
Chris Sandy of our own ITS Information Security Office actually presented twice. One presentation (that I rather enjoyed) was used as filler due to a last-minute cancellation. Chris talked about the physical aspects of information security, but particularly about physical locks and lockpicking. I had no idea KSU had a sport lockpicker on campus -- it makes me even more interested in picking up lockpicking, as a sport.
Overall, it was a great one-day event, and I hope that it helped open the eyes of the students, faculty, and staff attending the session. I know our InfoSec guys worked really hard to put it together, and I think that did an outstanding job. Having done conference planning before, I know its no easy task, but they pulled it off quite well.