LOOK WHO’S TALKING

LOOK WHO’S TALKING

STEVE NYMAN, Chief Information Security Officer

We mitigate the risk as best we can!’

What’s your job?

To make sure Dartmouth is protecting its most critical digital assets appropriately.

Can you give examples of critical digital assets you protect?

Some of our highly confidential financial data, student records and health information and a lot of personnel-type information. Then you have some of the research that’s done. You know, pre-patent-type research.

How do you protect all of this?

One thing we use is what’s called twofactor authentication. If you look at some of the most serious breaches, like at Stanford recently, when hackers got some highly confidential information, it’s because highly privileged accounts were protected only by a username and password. That’s inadequate. Today it’s all about knowledge-based authentication. Banks use it. My security philosophy is this: If the banks do it, I want to do it.

Who is the enemy?

Nation-state intelligence services. They’re looking for research and they want to steal technology. Russia. China. Keeping up with them is very hard to do. Then you have criminal gangs that want to steal personal information to exploit for financial reasons. And a third would be activists.

What do you lose sleep over?

I sleep like a baby. And I do because I think we have a good framework here and a lot of good people who know what they are doing. I think we lead the league when it comes to our approach and policies.

How much money does the College spend to protect its digital assets?

Millions. We have lots of infrastructure hardware and software and cyberinsurance that isn’t cheap.

How does this work compare to your previous job as an FBI agent in New York City?

There was no cyber stuff back in the 1980s. I worked organized crime, whitecollar crime. Then I worked at Pfizer and oversaw their information security. In my current job we do some investigations, such as the bomb threat a graduating senior posted online here at graduation time a few years ago, but we don’t have many situations like that. —Sean Plottner

Sean Plottner