Published April 9, 2019
The purpose of UB, like any institution of higher learning, is to create and share knowledge and information. In UB’s Information Security Office, our goal is to make sure that can happen as intended, by protecting our systems, data, and talent.
Since joining UB last year, I’ve been thinking about what it means to put information security into practice. Responding to security incidents, which is some of the more visible work we do, is a practice and a reaction.
To me, an information security practice is about identifying the main goals of our work, and the things we can all do daily to help us get there. Spreading awareness in the campus community is a critical part of this effort.
Since 2006, UB’s Information Security Office has been proactively bringing awareness of today’s best practices—and tomorrow’s trends—to the community. This effort is paramount, and we’ll be doing even more to spread awareness as the necessity for information security grows.
I’ll be using this blog to share what’s happening in our department, and to hear and respond to your input and concerns. I want to unpack what we’re doing to keep malicious actors out, validate and support our campus community members, and help foster UB’s culture of knowledge and information by protecting the engine that generates that—our systems, our data, and, most importantly, our people.
We are information professionals, all of us. I look forward to sharing more about our office and the work we do in the coming year. I hope you’ll share with me, too—that’s what UB is all about.
Mark Herron is UB's Information Security Officer. He has more than 20 years of experience in information technology, security and compliance; his expertise includes risk assessment and mitigation, as well as compliance and governance.