At a school as large as UNC-Chapel Hill, keeping campus safe from cybersecurity threats is a huge undertaking. The work of the UNC Information Security Office (ISO) could not be done without collaboration and communication with other information technology units at Carolina. To do this, the ISO, which is housed within ITS, partners with these units in a program called Information Security Liaisons (ISLs).
They partner with the ISO on information security initiatives and meet virtually once a month to discuss relevant cybersecurity topics impacting campus.
A cybersecurity community
“The Information Security Liaisons are the cybersecurity community that we have at Carolina to help communicate with the students, the staff and the faculty,” explained Alex Everett, ISO Operations Manager. “They have a role in communicating both to their leadership and to the researchers, professors, staff and students in their unit.”
Everett leads the ISL meetings. A typical itinerary includes various presentations by liaisons and ISO members. Often, the meetings include a “Meet the ISL” segment where an ISL member introduces themselves and the work their unit does for their unit. About 100 members attend each month.
The ISLs share a Microsoft Teams group where members can ask questions and share cybersecurity updates. The ISO also holds in-person events for ISLs, such as the annual ISL luncheon each October.
The ISL program launched in 2010. In 2019, the ISL established an advisory board, which Everett oversees. The advisory board enables ISL leaders to share perspectives and improve the program.
The last board meeting was March 7 and spurred improvements to the ISL’s onboarding process. The board also decided to make meetings more actionable by referring to known exploited software that needs immediate action.
Key part of success
Andrea Bankoski, who manages the Department of Epidemiology’s team of programmers and IT support staff, is an ISL.
“The Information Security Liaisons program connects people working in IT all around the University, bringing us together to collaboratively update University-wide security controls and policies, improve security within our units, and develop and improve best practices,” she said. “Staying up to date on security is essential with the rapid advancement of current technologies and working together as a whole is an efficient way to do so.”
Everett credits part of the ISO’s success to the work of the ISLs.
“They are in an important position where they can provide guidance about cybersecurity within their school or department and support the goals of the school or department,” he said. “They can and do make a difference — and maybe more than ever as information technology has become fundamental.”
For cybersecurity news and updates, visit Safe Computing at UNC.