Office of the Chief Information Security Officer & Enterprise IT Risk Officer
Responsibilities of the Office of the CISO
The CISO defines and reviews University-wide policies, procedures, standards, and functions spanning across IT Governance, Network Security, Application Security, Risk Management, Identity and Access Management, and Global Centers Information Security. The CISO also promotes campus wide security awareness and culture (through participation in technology deployments, trainings, presentations, meetings, and communications with various stakeholders).
- Monitors network for signs of compromised systems
- Investigates security violations
- Liaises with law enforcement, Office of General Counsel, Deans
- Manages login services
- Manages user account provisioning
- Manages user entitlement and privileges
- Supports the physical security system
- Manages security and access to the HR (PAC) and Finance (ARC) mainframe systems
- Manages security policies, standards, and guidelines
- Manages security awareness program
- Administers RSAM program management
- Performs data security risk assessments of managed central systems and non-managed systems
- Provides security and network oversight
- Provisions access to systems
Security Training is available in a variety of formats to fit the needs of the various Columbia communities.
Providing group presentations on current security threats confronting Universities as well as tips to maintain safe work and personal online presence.
Columbia Security Training is available to all faculty, staff and students with UNI.
Note: CUMC requires mandatory annual HIPAA and CUMC Security Essentials training.
Hosting training courses targeted to instruct on secure web development best practices and to teach how hackers think.
Providing "lunch and learn" presentations for all staff to better understand the University’s policies and how our policies impact all employees.
New Student and New Employee security awareness onboarding presentations are provided to Schools and departments upon request.
Hosting training courses targeted to instruct on secure system administration setup and security best practices.
Studebaker Building, 5th Floor
615 West 131st Street
New York, NY 10027