Information security is a practice

Published April 9, 2019

Students in the Downtown Jacobs Medical Building active learning classroom.

The purpose of UB, like any institution of higher learning, is to create and share knowledge and information. In UB’s Information Security Office, our goal is to make sure that can happen as intended, by protecting our systems, data, and talent.


Since joining UB last year, I’ve been thinking about what it means to put information security into practice. Responding to security incidents, which is some of the more visible work we do, is a practice and a reaction.

To me, an information security practice is about identifying the main goals of our work, and the things we can all do daily to help us get there. Spreading awareness in the campus community is a critical part of this effort.

Since 2006, UB’s Information Security Office has been proactively bringing awareness of today’s best practices—and tomorrow’s trends—to the community. This effort is paramount, and we’ll be doing even more to spread awareness as the necessity for information security grows.

I’ll be using this blog to share what’s happening in our department, and to hear and respond to your input and concerns. I want to unpack what we’re doing to keep malicious actors out, validate and support our campus community members, and help foster UB’s culture of knowledge and information by protecting the engine that generates that—our systems, our data, and, most importantly, our people.

We are information professionals, all of us. I look forward to sharing more about our office and the work we do in the coming year. I hope you’ll share with me, too—that’s what UB is all about.

Join the conversation!

Tell us what you think on our Twitter page.