The Enterprise Cybersecurity Team is a vital component in the proactive protection of the University's critical assets. Through various key functions such as continuous monitoring and analysis, incident response, threat intelligence and research, vulnerability management, and policy enforcement, the team ensures the confidentiality, integrity, and availability of data assets and technology infrastructure. Their efforts are essential in safeguarding the University's valuable resources and maintaining a secure environment.
Enterprise Cybersecurity
Enterprise Technology Policy
The Enterprise Cybersecurity team establishes enterprise technology policies, including healthcare policies, based on federal guidelines and industry best practices. These policies include administrative regulations (adopted by the President), policies, standards, guidelines, procedures, and baselines (all adopted by the CIO) to implement and enhance the University’s cybersecurity approach and provide for the general technology administration and oversight of the entire enterprise.
Enterprise Data Privacy
Works to ensure that the University’s data and information systems are compliant with privacy laws, regulations, and best practices. The privacy team plays a crucial role in protecting individuals' privacy rights, maintaining regulatory compliance, and fostering a privacy-conscious culture within the University.
The team is available to consult on data encryption, appropriate sharing and storage, and can also meet with staff to identify laws, regulations, etc. related to the data they process, hold, and/or transmit and provide best practices and/or training for dealing with that data. Our team also provides consultation related to reporting data sharing violations. In addition, the team is available to partner with business officers to analyze current and potential partners/vendors/contracts to help ensure appropriate data security.
Technology Emergency Management
The Enterprise Cybersecurity Team is charged with maintaining the Technology Emergency Management Playbook ensuring adequate IT support of the enterprise’s emergency response. This includes, but is not limited to support of:
- both the University and HealthCare Emergency Operations Plan,
- Hospital Incident Command Center,
- Emergency Operations Center,
- the University Hazard Mitigation Plan,
- the University’s Business Continuity efforts,
- Resilience Hubs, and
- Information and Assistance Centers.
The team is also charged with creation and leadership of specific emergency plans/protocols within IT such as Personnel and Building Emergency Action Plans for IT employees, the Technology Major Incident Protocol, IT Business Continuity Plan, IT Disaster Recovery and Systems Back-up Plan, and Cybersecurity Incident Response Plans.
Adequate emergency management enables the recovery or continuation of critical technology infrastructure following a natural or human-induced disaster. It aids in identifying and mitigating the enterprise’s risk of exposure to internal and external threats. This effort ensures that critical enterprise systems are available or can be restored quickly, enabling the enterprise to continue critical operations. Our team is also available to consult on how best to back-up and recovery services, systems, and data. Additional services include:
- Business impact analysis
- Application availability tiering
- Consultation on creation and management of application downtime plans
- Support of downtime plan testing
- Facilitation of exercises and training
Incident Management
Upon discovering a potential threat, issue, or incident contact Cybersecurity@uky.edu and/or 859-218-HELP (24/7). Our team will evaluate and investigate from a privacy, policy, compliance, risk, and cybersecurity standpoint. In addition, we’ll partner with you to take next steps, report as needed, and engage University partners (Legal, Risk Management, Executive Leadership, UK Police Department, Human Resources, etc.) as needed.
Governance, Risk, and Compliance
The team serves as a central function that supports the enterprise in achieving its objectives while managing risks and complying with relevant laws and regulations. By establishing effective governance structures, risk management processes, and compliance frameworks, it helps the University operate responsibly, ethically, and with resilience in an ever-changing business environment.
The team is also available to partner with college/department/unit IT staff to conduct a cybersecurity risk assessments of current technology practices, hardware, and software within that area and provide recommendations on strategies/opportunities that could enhance the cybersecurity environment. In addition, the team partners with University Risk Management to ensure that Cybersecurity Insurance is provided to the enterprise. Other services include:
- Information Risk Management
- Third Party Risk Assessment
- Internal Risk Assessment
- User Access Reviews
- Policy Exception Management
- Business Associate Agreement and Contract Reviews
Training & Awareness
The Enterprise Cybersecurity Team is charged with cybersecurity training and awareness of all students, faculty, staff, and third-parties who utilize University systems and technology resources. The team works to provide awareness campaigns via social media, email, and various websites, in addition to hosting a 1-day annual conference. The team also provides multiple online training courses available in myUK Learning. Individuals can also reach out to Cybersecurity@uky.edu to request a training needs assessment for their college/department/unit/organization. Afterwards, the requestor will receive cybersecurity training and activity recommendations and a potential customized presentation for your team.
Operations
The Enterprise Cybersecurity Team is responsible for the day-to-day management and monitoring of the University’s cybersecurity systems and infrastructure. Their primary focus is on maintaining the cybersecurity posture of the enterprise by monitoring and analyzing security events, detecting and responding to security incidents, securing remote access, conducting investigations, and implementing security controls. The team plays a crucial role in identifying and mitigating cybersecurity threats and vulnerabilities, ensuring the ongoing protection of critical assets, and maintaining the overall security of the organization's systems and networks.
The team actively collaborates with colleges, departments, clinical areas, and business units to provide cutting-edge cybersecurity defenses, including endpoint detection and response, vulnerability management, and web application scanning. They offer guidance and expertise in an advisory capacity, assisting the campus community in implementing robust security measures. By leveraging their knowledge and resources, the team ensures the adoption of state-of-the-art security practices and fosters a secure environment across the organization.
HealthCare Identity and Access Management
The Enterprise Cybersecurity Team is responsible for the full identity lifecycle management process for accessing UK HealthCare technologies and applications.
Services Include:
- Enabling and disabling identities and account access, including specialty accounts
- Proactively monitoring and managing account access
