Keeping USC secure

This month marks National Cyber Security Awareness Month. With the many possible pitfalls of online information, USC’s University Information Security Office (UISO) keeps the university on track. Chief Information Security Officer Marcos Vierya details how the office is helping Carolina. 

What does the UISO do exactly? 

We help the university protect computing and information assets. In today’s world, information equals money to cyber criminals. We work to keep that information safe by providing information security awareness, education and consulting, security assessments and responding to information technology incidents. 

Why should faculty and staff on campus know about this?

As a university, we are entrusted with information about our community. We have information about students, faculty, staff and alumni.  Therefore, we all have an ethical obligation to protect that information, including our own.

But it’s not purely ethical. University policy requires employees to understand and address information security risks in their daily work. The university also has to comply with laws, regulations and other contractual obligations. Our office is a resource to help make that a reality. We have the skills and tools to guide the university in protecting its IT assets and the information of our community members.

What does it mean for USC to have your team on campus? 

The university has allocated resources to better address the growing need for a better information security and privacy posture. The UISO has been effective in helping make the USC network a lower risk environment, particularly through the establishment and continued development of the USC Information Security Program. We’ve also been successful in minimizing the impact of security incidents.

Is there anything new going on with the department?

The UISO is always working to improve. For example, we are constantly implementing new tools and techniques to improve our ability to detect and prevent malicious activity. We are also training, and improving our knowledge and skills, so we can be better prepared for the ever-changing threat landscape.  

At the moment, we are deploying new tools that dramatically improve our ability to detect and respond to malicious cyber activity. We are also planning to help the university develop and implement USC’s first information privacy policy. As with all policy development work, we expect this process will take time and involve many different offices throughout the USC system, but the time is right, and the need is great.

Tell us a little about the Secure Carolina initiative. 

The Secure Carolina initiative will establish a comprehensive, top-down information security framework that will integrate security and privacy measures throughout all IT environments of the USC system, at the cost of about $20 per year for each student, faculty and staff member.

New measures will provide greater information security and privacy education and training. We are working to create an accountability structure for ongoing monitoring and the advisement of current information security and privacy issues. Essentially, Secure Carolina will provide the necessary resources to implement bold improvements to the ways we address information security and privacy in the university system.

As the leader of this office, what are you goals for the USIO? 

I want my team to help the university be recognized as a responsible, credible, and trustworthy steward of the valuable information and computing assets our citizens, colleagues, students and partners entrust with us.

Share this Story! Let friends in your social network know what you are reading about