University of Illinois Urbana-Champaign

Trusted CI Webinar: Populating the HECVAT as an Academic Research Provider

Escue, Charles; Earley, Kyle

Permalink

https://hdl.handle.net/2142/113372

Description

Title
Trusted CI Webinar: Populating the HECVAT as an Academic Research Provider
Author(s)
  • Escue, Charles
  • Earley, Kyle
Issue Date
2022-01-24
Keyword(s)
  • Trusted CI
  • NSF
  • Cybersecurity
  • EDUCAUSE
  • HECVAT
  • OSC
Abstract
At one time, higher-ed was the requestor of HECVAT's - now we are being called to populate them for our peers. The Higher Education Community Vendor Assessment Toolkit (HECVAT) has become the de facto standard for vendor risk and security assessment in higher education and the number of universities around the globe using the HECVAT in their assessment process is well into the hundreds. As researchers, and those in the academic mission, consume services of academic research providers (e.g., the Ohio Supercomputer Center, OSC), and thus sharing institutional data, their security offices are increasingly conducting security and risk assessment of these providers to ensure they are meeting the risk tolerance of their institution. Taking a proactive approach to mitigate unnecessary burden in this space, Trusted CI lead an engagement looking to provide response guidance for these academic research service providers on how to properly represent the security state(s) of their environment. Join Kyle Earley, High Performance Computing Security Engineer from the Ohio Supercomputer Center and Charlie Escue, Information Security Manager at Indiana University and co-chair of EDUCAUSE's HECVAT Users Community Group, as they discuss this collaboration and the tangible guidance that was produced during the engagement. Trusted CI announcement of HECVAT 3.0: https://blog.trustedci.org/2022/01/hecvatv3.html Speaker Bios: Charles Escue manages Indiana University's Extended Information Security (EIS) team, a pioneering effort focused on improving university incident remediation capabilities and the handling of imminent threats, beyond the scope of our traditional security office. With over fourteen years of information technology (IT) experience at Indiana University, Charles proudly leads and contributes his expertise as co-chair of EDUCAUSE's HECVAT Users Community Group. Kyle Earley serves as the High Performance Computing Security Engineer for the Ohio Supercomputer Center (OSC). He is the single security resource for the center covering everything from day-to-day security operations to specific engagements and audits. Kyle graduated with a bachelor's degree in Management of Information Systems Enterprise Security from Georgia Southern University. Prior to his time at OSC, he worked for Accenture on a wide array of projects from Department of Defense (DoD) contracts to Fortune 500 clients, last serving as a Senior Security Analyst in the consulting track.
Type of Resource
  • text
  • still image
Permalink
http://hdl.handle.net/2142/113372
Sponsor(s)/Grant Number(s)
NSF Grant # 1920430
Copyright and License Information
Copyright © 2022 The Trustees of Indiana University. This work is licensed under a Creative Commons Attribution-­NonCommercial 3.0 Unported (CC BY­NC 3.0) license.

Owning Collections

Trusted CI Presentations and Reports PRIMARY