ITS Continues Efforts to Improve Cybersecurity of University Community | News | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

In the summer of 2022, the University of Nebraska system approved an update to Executive Memorandum 16 (EM 16)— the Policy for Responsible Use of University Computers and Information Systems. This policy update reaffirms the University’s commitment to appropriately protect our valuable technology investments in academic, research, and business operations across Nebraska. In an ever-changing world of cybersecurity threats, organizations, not just Universities, but financial institutions, social media, and other online services are implementing modern strategies to mitigate risk and protect user data.

Over the last 15 months, Information Technology Services (ITS) has implemented several cybersecurity enhancements to meet the expectations of EM 16 and protect the university’s information systems, data, and guide technology processes and operations. The university is also investing in required annual Security Awareness Training to equip our community to be proactive digital citizens.

As these efforts continue, here are some additional changes to be aware of this fall:

  • All employees will be notified to complete the required annual Security Awareness Training via email from Bridge. Faculty training notifications will arrive this fall.

  • All university-owned workstations, servers and mobile devices must run a supported Operating System and be enrolled in Endpoint Management services to receive appropriate risk-based cybersecurity protection. Access to university networks now requires an authorized university identity, and devices will need to complete a risk-based security posture assessment.

  • All employees are now required to use their email account for university business. This will ensure that sensitive university data stays within university-managed systems.

  • October marks the 20th annual National Cybersecurity Awareness Month, a time to work together and raise awareness about the importance of cybersecurity. Throughout October, ITS will share best practices and offer mini training courses with the opportunity to receive cybersecurity champion certification.

Why EM 16?

Implementation of EM 16 helps address the following areas which improve and sustain our cybersecurity posture at the University through:

  1. Research compliance. Many of our research projects come with significant compliance requirements both federally and from other agencies. These requirements include cybersecurity tools, controls, and a complete library of NIST compliant policies.

  2. Personal and academic data protection. Our students, faculty, staff, and our governmental partners expect a robust cybersecurity program to effectively protect personal and academic data. To be eligible for federal funding, including financial aid programs, the University will be required to demonstrate compliance with NIST cybersecurity frameworks, including a complete library of cyber policies.

  3. Business relevance. Our business partners are requiring the deployment of a robust cybersecurity program as evidence that we are able to sustain operations during any cyber event. This optimizes our business efficiency both in purchasing power and other business practices.

Additional Information and Resources

If you have any questions, please contact your IT Support Team for assistance.

Learn more about EM 16, including FAQ’s and a drafted implementation timeline

Learn more about security awareness training

Enterprise endpoint management

Vulnerability and compliance management

Patch management services

Personal device security


Click Here For The Original Source.

National Cyber Security