Skip to main
University-wide Navigation

The Enterprise Cybersecurity Team is a vital component in the proactive protection of the University's critical assets. Through various key functions such as continuous monitoring and analysis, incident response, threat intelligence and research, vulnerability management, and policy enforcement, the team ensures the confidentiality, integrity, and availability of data and technology infrastructure. Their efforts are essential in safeguarding the University's valuable resources and maintaining a secure environment.

Enterprise Technology Policy

The Enterprise Cybersecurity team establishes technology policies based on federal guidelines and industry best practices. These policies include University Administrative Regulations (adopted by the President), policies, standards, guidelines, procedures, and baselines (all adopted by the CIO) to implement and enhance the University’s cybersecurity approach and provide for the general technology administration and oversight of the University.  

Technology policy

Enterprise Data Privacy

Works to ensure that the University’s data and information systems are compliant with privacy laws, regulations, and best practices. The privacy team plays a crucial role in protecting individuals' privacy rights, maintaining regulatory compliance, and fostering a privacy-conscious culture within the University.

The team is available to consult on data encryption, appropriate sharing and storage, and can also meet with staff to identify laws, regulations, etc. related to the data they process, hold, and/or transmit and provide best practices and/or training for dealing with that data. Our team also provides consultation related to reporting data sharing violations. In addition, the team is available to partner with business officers to analyze current and potential partners/vendors/contracts to help ensure appropriate data security.

Reporting HIPAA and FERPA Violations

Students teaching

Disaster Recovery

Disaster recovery and business continuity enable the recovery or continuation of critical technology infrastructure following a natural or human-induced disaster. This effort ensures that critical University systems are available or can be restored quickly, enabling the university to continue critical operations. Our team is also available to consult on how best to back-up and recover college/department/unit services, systems, and data.


Incident Management

Upon discovering a potential threat, issue, or incident contact and/or 859-218-HELP (24/7).  Our team will evaluate and investigate from a privacy, policy, compliance, risk, and cybersecurity standpoint. In addition, we’ll partner with you to take next steps, report as needed, and engage University partners (Legal, Risk Management, Executive Leadership, UK Police Department, Human Resources, etc.) as needed.


Governance, Risk, and Compliance

The team serves as a central function that supports the University in achieving its objectives while managing risks and complying with relevant laws and regulations. By establishing effective governance structures, risk management processes, and compliance frameworks, it helps the University operate responsibly, ethically, and with resilience in an ever-changing business environment.  

The team is also available to partner with college/department/unit IT staff to conduct a cybersecurity risk assessments of current technology practices, hardware, and software within that area and provide recommendations on strategies/opportunities that could enhance the cybersecurity environment.  

In addition, the team partners with University Risk Management to ensure that Cybersecurity Insurance is provided to the University. 

Read more about Cybersecurity Compliance at UK

Michael Teaching

Training & Awareness

The Enterprise Cybersecurity Team is charged with cybersecurity training and awareness of all students, faculty, staff, and third-parties who utilize University systems and technology resources. The team works to provide awareness campaigns via social media, email, and various websites, in addition to hosting a 1-day annual conference. The team also provides multiple online training courses available in MyUK Learning. Individuals can also reach out to to request a training needs assessment for their college/department/unit/organization. Afterwards, the requestor will receive cybersecurity training and activity recommendations and a potential customized presentation for your team.

Cybercon 22 presentation


The Enterprise Cybersecurity Team is responsible for the day-to-day management and monitoring of the University’s cybersecurity systems and infrastructure. Their primary focus is on maintaining the cybersecurity posture of the enterprise by monitoring and analyzing security events, detecting and responding to security incidents, conducting investigations, and implementing security controls. The team plays a crucial role in identifying and mitigating cybersecurity threats and vulnerabilities, ensuring the ongoing protection of critical assets, and maintaining the overall security of the organization's systems and networks. 

The team actively collaborates with colleges, departments, and business units to provide cutting-edge cybersecurity defenses, including endpoint detection and response, vulnerability management, and web application scanning. They offer guidance and expertise in an advisory capacity, assisting the campus community in implementing robust security measures. By leveraging their knowledge and resources, the team ensures the adoption of state-of-the-art security practices and fosters a secure environment across the organization.