This week Ruth Robertson the ISF Programme Manager has been at the Information and Records Management Society Annual Conference.
Ruth gave a presentation ‘Managing Information Security Risk: Practical advice…’ about what we’ve achieved here at Cardiff and lessons learnt along the way. There was a lot of interest in the room and the free copies of the UCISA Information Security Management Toolkit (for which Cardiff was a major contributing institution) went like hot cakes.
One of the questions asked by keynote speaker Peter Kurilecz (international IRM authority and author of the RAIN online newsfeed) related to the findings from our Phishing exercise. He commended us on conducting this and also the physical vulnerability exercises (red teams), noting that testing actual behaviours was really important.
There were also questions posed in this, and other sessions run by University staff, around academic freedom and technological choice and how they interact with information security concerns.
Overall the conference was very worthwhile and the choice of after dinner speaker (Scott Quinnell) was inspired!
For more information on day one of the conference read this blog from another attendee: View from the Hill: From Brighton to Bulls – Catching up with the IRMS conference