From the CIO

From the CIO

Kelly Block serves as Interim Chief Information Officer (CIO) for the University of Illinois System.

For more information about Kelly, visit About the CIO.



Recent Posts

Recently, I participated in the CIO.com Quick Takes as one of 30 IT leaders asked to talk briefly about strategy. In this version of CIO Quick Takes, they asked  the question: "What is your strategic focus for 2017?" 

We use an early 2000’s vintage ERP, and we are an institution where business process and data custodianship is determined on a department-by-department basis. Yes, we have mobile applications, web portals, and first-rate integration between applications. We don’t have students that say, “Alexa, register me for Computer Science 125.” I also can’t say “Alexa, stop” in meetings where everyone instantly becomes quiet and is never offended, but that’s beside the point. Our challenge is to re-focus our business practices around our students so that admissions, registration, advising, housing, concert tickets, extracurricular activities, parking, and career searching are not only blissfully intuitive, but integrated in a way where you don’t need to know what a bursar is. I want my daughter to spend no more than a few sentences with Watson to apply for college and get her scholarships, then four years later, I want to hear “Alexa, get a me job starting June 1, 2022.”

Be sure to check out the full article, "CIO Quick Takes, What's your Strategic focus?", to see what other IT leaders are focusing on this year.

Reprinted with permission of CIO.com.

Posted by Michael Hites  On Apr 04, 2017 at 9:14 AM
  

I was invited to give a briefing at AGB's National Conference on Trusteeship in Dallas, Texas, next week on cybersecurity for colleges and universities. Here are a few of my thoughts leading into the presentation.  

About once a week, I receive a new email message touting "top 10 cybersecurity risks" or "this year's report on cybersecurity shows more attacks than ever" or some other tactic designed to make me want to open it. I've yet to get one that is a cyberattack disguised as a cyber-defense message; however, I'm sure that's next. Mostly, these messages focus on two topics: the new threats and the new methods to combat the threats.

Just in the past few years, the increase in the use of mobile devices has created new ways for criminals to get your personal and corporate data. At universities, we tend to be a bit more open with the bring-your-own-device mentality, so the problem is amplified. It used to be that hackers would need to break into centralized on-campus systems. Now that it is popular to host university data off campus in the cloud, the bad guys have a choice to use malware on a personal computer or mobile device, or they can break in to hosted services without sneaking into your campus.

The current thinking is that containment, simplification, and automation are the keys to combat these threats.

Make sure that your critical data are constrained so that criminals have fewer options to get it. Simplify your security operations so that you don't have a different solution for every piece of software or data that you use. By simplifying the number of tools and procedures that you have, you can practice them more often and be more successful at implementing them. Automation is the critical when the breadth of threats increase. You can't just keep hiring more and more people every time something new appears, so buy tools that can watch your systems and data for you.

But the most critical aspect of cybersecurity is still the human.

Criminals will focus on the biggest vulnerability, so if your employees can't easily distinguish between legitimate online content and malicious content, you will become a target. Fortunately, this is preventable, and when you train your staff to be suspicious, the hackers will avoid you because the return on their investment is low.

Reprinted with permission of Association of Governing Boards of Universities and Colleges. To view the original blog post, visit https://www.agb.org/blog/2017/03/14/cybersecurity-for-colleges-and-universities.  

Posted by Michael Hites  On Mar 27, 2017 at 9:24 AM