OVERVIEW

There is a hostile cybersecurity landscape with challenges for all organizations to navigate, as evidenced by the regular media features about cybersecurity threats touching all industries.

With many similarities to small cities, universities face a diverse environment that includes a large variety of services, intellectual and research data and robust, high-speed networks. Maintaining appropriate safeguards within the university ecosystem requires a comprehensive and innovative approach to information protection.

ALIGNMENT

• With the University — Competitive Resources: Secure computing and communication is the foundation that supports a competitive array of essential resources.
• With the State — Reliable & Secure Services: Proper security measures protect the integrity and confidentiality of information.
• With Government Mandates: Position UHS as a leader in cybersecurity by partnering with the Department of Homeland Security (DHS), Texas Department of Information Resources (DIR), FBI Houston Infragard and other federal, state and local agencies.

PROGRAM GOALS

• Develop Roadmap for common/standardized UHS solutions.
• Enhance UHS Information Security Incident and Event Management (SIEM) system.
• Focus and enhance information security controls and processes associated with UHS services provided through third-party hosted/cloud services.
• Expand 2-factor Authentication deployment (DUO) across all UHS campuses for the protection of additional critical services.
• Increase engagement of users as strategic information security partners.
• Establish Information Security Liaisons/Officers for all colleges/divisions on each UHS campus.
• Through continued partnerships with the Office of General Counsel, the Division of Research and others, develop a omprehensive System approach to further the discovery mission of the universities through robust data and intellectual property protection including integration into defined compliance and review processes.

CURRENT STATE

• Centralized Information Security program across all UHS campuses including funding, staffing and initiatives.
• Implemented Multi-Factor Authentication (DUO) for protection of user account credentials and access to university critical resources for all faculty, staff and students on all UHS campuses.
• Implemented additional security controls and technology for messaging services (Proofpoint and Office 365) to protect UHS users from evolving threats received via email including phishing, job scams and executive impersonations.

PATH TO SUCCESS

• Continue UH System-level collaborations. Internal and external collaborations have not only contributed to the program’s effectiveness, but have also garnered regional, state and national recognition of UH cybersecurity efforts benefitting academic programs, students, faculty and researchers.
• Continue engaging UH executive leadership, which has been and will remain critical to the success of IT security efforts.

FY2022 INITIATIVES

• Develop roadmap for common/standardized/automated UHS information security solutions.
• Through continued partnerships with the Office of General Counsel, Division of Research and others, develop a comprehensive UHS approach to robust data and intellectual property protection including integration into defined compliance and review processes.
• Enhance UHS information Security Incident and Event Management (SIEM) system.
• Expand the effectiveness of the UHS information Security Program by establishing Information Security Liaisons/ Information Security Officers for all colleges/divisions
  on each UHS campus.
• Expand infrastructure protections to include additional multi-factor authentication protocols and data loss prevention controls.