"You're never done with information security. It is an arms race, where the good guys are always trying to stay one step ahead of the bad guys." — Eric Smith, chief information security officer.
LEWISBURG, Pa. (PRWEB) July 08, 2013
In a world where nearly everyone maintains multiple online identities, a single cyber breach can have a far-flung ripple effect. A 2012 attack on the social networking site LinkedIn, for example, exposed the password hashes, essentially encrypted passwords of millions of users. Eric Smith said those hashes can be easily untwisted by the tech-savvy. Smith has been named the first chief information security officer for Bucknell University (Lewisburg, Pa.), Susquehanna University (Selinsgrove, Pa.) and Franklin & Marshall College (Lancaster, Pa.).
"How many dozens of sites do you have the same username and password," Smith questioned. "People tend to reuse credentials."
For Smith, the LinkedIn breach exemplifies the need for all organizations to make constant and evolving efforts to secure data on their networks, and demonstrates why Bucknell is partnering with two other institutions to do so.
"You're never done with information security," Smith added. "It is an arms race, where the good guys are always trying to stay one step ahead of the bad guys, and vice versa. We're working hard to get systems in place that are nimble enough to allow us to quickly adapt to this ever-changing landscape."
The new collaboration is rare among undergraduate institutions, according to Bucknell’s Vice President for Library and Information Technology, Param Bedi. He said the partnership is not only fiscally responsible (the three institutions share the cost of the new position), but it also allows the institutions to learn from each other, and puts Smith in position to develop common security procedures, policies and incident response plans to help prevent and counteract various information security threats.
“Protecting institutional data is more challenging than ever before, but this collaboration presents a great opportunity for us to address those challenges,” Bedi explained. “It’s extremely critical to have someone who understands the technology. Eric can use this position to look across all three institutions, and use that shared knowledge to develop best practices and help strengthen our information security.”