PվƵ

The Information Manager's role in Cybersecurity & Risk Assessment

Information & resources to support Libraries to prevent Cyberattacks

Today's headlines continue to reflect the world's ever-growing concerns about cybersecurity, ransomware, malware and other cyberattacks happening to businesses, organizations and to individuals. PվƵ wants to help Librarians and Information Manager combat this rapidly growing threat with the following topics and resources:

  • Why haven’t librarians and information manager haven’t been seen as an asset in the fight against Cyberattacks? 
  • Why is Librarians’ collaboration with the IT, administrators, and risk officers so crucial?
  • Why are academic institutions the perfect environment for Cyberattacks?
  • How can librarians prepare for and fend off these attacks?
  • What training do you think academic librarians need to better protect their institutions from Cyberattacks?
  • What role can librarians play regarding the culture on campus so students and faculty better understand risk management and cyber threats?

Useful Downloads

Download a free Information Security Checklist
(PDF, 179.19 KB)
_
(XLSX, 100.82 KB)

Requesting content supporting your organization's cybersecurity strategy

We collect and use your personal data to facilitate your request. We won’t contact you for anything unrelated to this request, neither will we share your information with any third parties, as detailed in our privacy policy. We may share it with our affiliated companies and use it internally for analysis purposes.

Podcast with leading cybersecurity expert

Alan brill 1 © Springernature 2021In this four-part podcast series, Alan Brill, Senior Managing Director in the Cyber Risk practice of Kroll, digs into what campus-wide cybersecurity looks like, why universities have become such a rich target for hackers, and how the library fits into the effort of information protection and cybercrime prevention. Alan believes that cyberattack prevention requires collective action across an institution: the administration, registrar’s office, faculty, library staff, and more must all do their part to achieve strong, pre-emptive cybersecurity. See below for this 4-part podcast series.

About the speaker: Alan Brill is a Senior Managing Director in the Cyber Risk practice of Kroll, a fellow of the Kroll Institute.

Alan Brill is a well-known expert in cybersecurity and computer forensics, and is the author or co-author of many books and articles. His work in this field spans four decades. He was the founder of Kroll's cyber practice and has worked on cyber issues in both the public and private sectors. He formerly served as a Director in the New York City Department of Investigation, a Major in the Army and he worked at the NASA Manned Spacecraft Center in Houston during the Apollo moon landing project. Alan teaches in the Terrorist Use of Cyberspace program of the NATO Center of Excellence for Defense Against Terrorism and is an Adjunct Professor in the LLM and M.Jur programs of the Texas A&M University School of Law.

Listen to podcast series: “Understanding and Implementing Cybersecurity”

  • Episode 1: Cyber Protection for a Lay Audience

    What steps do you take to safeguard your digital information? Maybe you change your passwords every other month. Turn on two-factor authentication. Keep your Netflix log-in under lock and key. But what about at your workplace? How does your campus protect its information, and what role do you play in successful cybersecurity implementation? Alan Brill, Senior Managing Director in the Cyber Risk practice of Kroll, believes that cyberattack prevention requires collective action across an institution. In this first episode, Alan explains why effective cybersecurity has become more challenging in our interconnected world, and the importance of the university library’s close partnership with the IT department. Plus, Alan offers up his best tips to protect your workplace—number one: trust, but verify.

    ·
  • Episode 2: Why Are Universities under (Cyber) Attack?

    In recent years, universities have become target-rich environments for cyberattacks. But why? What do hackers want from academic institutions? According to Alan Brill, Senior Managing Director in the Cyber Risk practice at Kroll, information. Because of universities’ breadth of non-public data and extensive interconnectivity across campus and state networks, institutions have become a hot bed of cybercrime. “Once you understand the scope of the risk, you have to start asking the question: Are we matching our preventive and detective tools to that risk? And if we’re not, why not, and what are we going to do about it?” In this second episode, Alan digs into why proactive measures—rather than reactionary—can help mitigate cyber risk. He explains the threats in and outside of an institution, what a “zero-day attack” is, and why zero-day risks require such immediate alarm and action. Plus, Alan shares his advice on how librarians can prepare for and fend off these attacks—don’t delay updating your software!

    ·
  • Episode 3: How to Prepare for and Combat Cyberattacks

    “They try to put guilt on you. They try to make you think it’s your professional responsibility to help them. But the key is: security procedures only work if we use them consistently, and if we’re trained to know that bad actors are going to play on those emotions.” Alan Brill, Senior Managing Director in the Cyber Risk practice at Kroll, understands the ploys hackers use during a cyberattack—and the training needed to combat them. What kind of preparation yields the best security against the growing risk of organized, sophisticated cyberthreats? What’s the librarian’s role in contributing to this cyber-safe campaign?

    In this third episode, Alan listens to a clip from a recent Choice webinar on cyberattacks, reviewing what went right and lessons learned. Alan also walks through the various tricks hackers can pull—dropping in personnel names, making requests appear incredibly urgent—to persuade staff to abandon protocol and grant access. Last, he shares guidance on what both librarians and administrators can do to enforce unified, collective cybersecurity across campus.

    ·
  • Episode 4: Balancing Academic Freedom with Information Protection

    Emailing a former professor about research breakthroughs. Downloading copyrighted papers off the internet. Sharing login credentials. Aren’t these all harmless characteristics of academia? Everyday tricks of the scholarly trade? Alan Brill, Senior Managing Director in the Cyber Risk practice at Kroll, warns that seemingly harmless actions or good intentions may lead to serious consequences—can the push toward academic freedom end up endangering our information in the process?

    In this final episode, Alan discusses hackers’ exploitation of free-flowing information. He tackles the issue of Sci-Hub—the controversial website that shares pirated research—and the importance of respecting patents, copyright protection, and trade secrets. Alan also reveals his perspective on emerging threats in cybersecurity, and why cyber risk preparation at a university is so essential in today’s information age. “There is no such thing as 100 percent protection … What we need is a pre-planned incident response program … so that when it happens—and I think the only rational position today is don’t think in terms of if, think in terms of when it happens—you’re going to know what to do.”

    ·

Journal & Book Highlights

Learn what PվƵ is doing to enhance security for Libraries