At the core of Edge’s mission is creating a collaborative peer network where stakeholders can share insights and strategize about ways to overcome challenges and embrace new opportunities. Along with building professional networks, Edge brings members together through practice groups to discuss key topics, exchange best practices, learn new skills, and ask questions in an environment that fosters trust and professional growth.
One of these collaborations is the Security Community of Practice (CoP) Group which focuses on a full spectrum of cybersecurity concerns and dedicates itself to understanding, supporting, and uniting the people, processes, standards, and technologies that are needed to mitigate threats to our organizations, their students, and personnel. To further strengthen security workflows and processes, the Security CoP explores new ways to secure the enterprise network and data, prevent losses and reduce threat vectors, and determine strategies to maximize the ROI on security-centered application and infrastructure investments.
Sharing Actionable Intelligence about Security Threats
Bringing extensive experience and knowledge to the Practice Group, Jeremy Livington, Chief Information Security Officer, Division of Information Technology, Stevens Institute of Technology, helps coordinate these meetings and develop the agenda based on the most pressing topics. “We develop our agenda based on what is happening in the news and what is topical in the security and education space,” says Livington.
The group’s inaugural meeting was held on January 12, 2024, and members convene on the second Friday of every month. The Security CoP currently has representation from 35 institutions from three states and anyone in a security role at an institution is welcome to join. “This group is a forum for representatives of different organizations to talk through the challenges they’re facing in their environments and which strategies could help solve these issues. Along with our monthly call, we also have the Signal app on our phones where we share actionable intelligence about security threats in real time. This gives visibility to the wider community and allows them to determine if a threat is affecting their organization.”
The Security CoP continues to grow exponentially and build a supportive community of thought leaders and member institutions. “Joining the Practice Group provides an opportunity to interact with your peers and gain some significant findings and solutions. It’s great that Edge is providing these resources and helping to put this community together. I’ve personally met a lot of people that I previously wouldn’t have known and have been introduced to some terrific security practitioners who bring valuable experience and exciting ideas to the table.”
— Jeremy Livingston
Chief Information Security Officer, Division of Information Technology, Stevens Institute of Technology
Enabling Open Discussions
The Security CoP recognizes that security touches every aspect of the enterprise and extends well beyond the perimeter of the enterprise network. “Previously, organizations would have a strong firewall that would protect the network, but we’re seeing a huge push towards zero trust security,” shares Livington. “Several members of the practice group are currently conducting self-assessments and exploring zero trust frameworks. Institutions are setting up network segmentation, where when someone brings their own devices onto the network, they are segmented from a trusted administrator or server network, for example. There are different access controls in place that will prompt for reauthentication. The evolution toward zero trust is pushing security from that perimeter-based approach to every single device needing to be treated as its own island in the ecosystem.”
Over the years, there has been a growing focus on cybersecurity and how technology can help mitigate the threats to the education community. “We’ve seen a shift in the number of active participants in the security space,” says Livington. “There is a real spirit of collaboration and openness in the Security CoP, and we follow strict Chatham House Rules. This allows people to speak freely and use any information that they hear, but the identity of the person or organization is not shared. We’re very accepting of different viewpoints and backgrounds, and I think that makes it a stronger organization. Our goal is to keep the discussions open and accessible where everyone feels comfortable to talk about any challenges and offer advice, suggestions, or resources that might be useful.”
“Organizations are being stretched thin and are trying to do more with less,” says Livington. “Plus, you add in AI and how it relates to security, and we’re seeing many tools adding language models and AI or automation features. While these added features can be beneficial, they often come with additional cost. Having a collaborative group like Edge’s Security CoP allows us to help each other pinpoint the tools, techniques, and technology that can overcome these challenges and fit into our individual budgets.”
— Jeremy Livingston
Chief Information Security Officer, Division of Information Technology, Stevens Institute of Technology
Keeping Pace with Regulatory Changes
In addition to discussing current events and security trends, the Practice Group also explores breach notifications and how different organizations are forming security operations centers. “Members share how they are running managed detection and response strategies and provide the group with valuable insight into the benefits, as well as the drawbacks,” explains Livington. “We talk openly about the costs, the challenges of different services, and how we foresee artificial intelligence (AI) potentially changing the security landscape. Members also share the challenges they face around regulatory compliance, including the new breach reporting requirements that have been released by the Securities and Exchange Commission (SEC).”
“A comprehensive data privacy law will also go into effect for New Jersey in January 2025, and there have also been changes to the Gramm-Leach-Bliley Act (GLBA),” continues Livington. “This adds several complex compliance requirements that will likely affect many of our organizations and their systems, processes, and documentation. Having a forum to discuss these requirements as a group allows us to navigate these changes together and share the free tools and resources that we’ve discovered. Each time someone shares a new tool, we include that item as an addendum in our meeting agenda. We’ve compiled an ongoing list of free or low-cost resources that others may find useful.”
Keeping pace with regulatory changes and an evolving landscape is no easy feat, especially as many institutions face an enrollment decline. “Organizations are being stretched thin and are trying to do more with less,” says Livington. “Plus, you add in AI and how it relates to security, and we’re seeing many tools adding language models and AI or automation features. While these added features can be beneficial, they often come with additional cost. Having a collaborative group like Edge’s Security CoP allows us to help each other pinpoint the tools, techniques, and technology that can overcome these challenges and fit into our individual budgets.”
Join a Growing Community
The Security CoP continues to grow exponentially and build a supportive community of thought leaders and member institutions. “Joining the Practice Group provides an opportunity to interact with your peers and gain some significant findings and solutions,” says Livington. “It’s great that Edge is providing these resources and helping to put this community together. I’ve personally met a lot of people that I previously wouldn’t have known and have been introduced to some terrific security practitioners who bring valuable experience and exciting ideas to the table.”
For more information on joining the Security Community of Practice Group, contact A.J. Lacomba, Chief Information Officer, Edge via aj.lacomba@njedge.net.