Click here to receive your FREE subscription to Campus Technology

Home > The Rise of the CISO

Features

The Rise of the CISO

4/1/2007

By Doug Gale

Paul Schopis, director of network engineering at OARnet (the networking division of the Ohio Supercomputer Center), outlines another way that the emerging optical networks introduce new security problems. In the past, he notes, IP networks were run over synchronous optical networking (SONET), which did not use IP for the signaling channel. But IP won out, and many new data networks use Ethernet and IP for the control channel, which introduces the possibility of attacking a network at layer 1. “Why attack routers when you can wipe out the optical layer?” Schopis points out. OARnet has addressed this threat via more robust authentication and authorization, and by ensuring that the IP addresses of the control plane are not publicly routable.

Coming to Campus Technology 2007

University of Texas-Austin's Daniel Updegrove, special assistant, VP for IT, academic technology services, will moderate a panel on high-speed networking initiatives such as LONI and SURAnet, entitled "Research Institutions: Leading Regional Networking Initiatives," at Campus Technology 2007 in Washington, DC, July 30-Aug. 2.

UW’s Gray has observed that some of the impetus for optical networks may be a reaction to improved network security on our current networks, and is part of a more general and cyclical process. He argues that when we introduce network appliances such as firewalls, or we restrict access or impose more restrictive policies, we also add friction to the system. Campus firewalls, which often break videoconferencing and multicast, are a common example. Researchers respond by seeking their own dedicated lambdas that free them from real and perceived restrictions. But as they add other researchers as well as commodity internet links to their private networks, they are faced with access control issues and the threat of network attacks. The circle is completed as traffic-disrupting appliances and policies are added to improve security. The only way to break the cycle is for the IT staff to understand and address the concerns of the researcher and the tradeoffs between performance and security.

St Sauver sums it up best by recalling a line perhaps best known from the 2002 movie Spider-Man: “With great power comes great responsibility.”

Current and Future Trends

Three clear trends have emerged within the higher ed community:

  1. The designation of a single senior individual to be responsible for all aspects of information security. (Emerging optical networks will only accelerate this trend.)
  2. The centralization of the IT security function to a single operational unit.


    3. Recommended Reading
    • Where the Risks Are

      Knowing what to spend on data protection and where to focus the effort isn't easy. Security assessments help eliminate the guesswork by identifying where your most critical risks lurk.

    • Technology Forever

      Who says classroom learning has to culminate with a formal degree? Tech-enabled lifelong learning programs are utilizing videoconferencing, vodcasting, and more to reach out to the 50-plus nontraditional student.

    • They Say They Want A Revolution

      As sustainability efforts ramp up on campuses, educators share eco-friendly dorm practices-- the ideal way to educate students about environmental issues.

    • Getting More out of Mobile

      Sure, cellular and handheld devices are quintessential communication tools, but savvy institutions are getting extra bang for their mobile tech bucks.

    • It's Bandwagon Time

      Colleges and universities worldwide are turning to the hosted SaaS model and saying goodbye to issues like patch management and server optimization.

    • Waiting It Out

      Have you given up trying to bring faculty into the world of emerging technology for teaching and learning?

Related Articles

send e-mail link to articleEmail this article

print this articlePrintable Format