Joel Bilhiemer says he guarantees your college’s network has viruses right now.
“If you transmit data of any kind, in any form, that data has value to somebody,” says Bilhiemer, CISSP at Pershing Technoloiges. “It’s our goal as AV professionals to secure that data.”
During the InfoComm15 educational summit “Technology Management in Higher Education,” Bilhiemer lectured on the risks of cybersecurity and strategies colleges can follow to boost their network defenses.
Bilhiemer says that hackers can get in a network via network vulnerabilities, similar to how hackers instigated the infamous Target breach through the store’s HVAC system.
He says hackers were able to crack into millions of credit card accounts in Target’s HVAC system because no one usually checks an HVAC system for viruses or vulnerabilities.
Bilhiemer’s Epidemiology of Cybersecurity:
Focus on containing a threat rather than initial prevention.
Identify supportive sources, such as a CISO or IT member.
Perform a risk analysis, audit your college’s systems and review your college’s policies.
Deploy a security policy, harden your systems. Repeat.
“Once we move into wireless systems, Cloud systems, network systems and sharing data across networks, it becomes a bigger issue,” Bilhiemer says. “I want people to think of …the idea that just like any computer network, we have a scaled, layered approach to how we [AV departments] do things, and any of them can be a penetration point.”
Bilhiemer also says that college AV departments have a huge responsibility in keeping campus networks safe, especially after a new technology installation occurs and the vendors/integrators pack up their tools.
“Our industry often has a project mentality,” he says. Integrators and vendors can say, “I built a facility, it looks fantastic, I get my certificate and check, and I’m done. But you [the AV folk] aren’t done. You still have to manage and operate that install. You might have to deal with a breach somewhere. In order to build operation framework, you have to think about operation lifecycle.”