Skip to Content

Cyber/Information Security

The practice of protecting physical and electronic information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction

  • Survey information facilities, processes, and systems to evaluate current status of: physical security, procedural security, information systems security, employee awareness, and information destruction and recovery capabilities
    • Develop and implement policies and standards to ensure information is evaluated and protected against all forms of unauthorized inadvertent access, use, disclosure, modification, destruction or denial
      • Develop and manage a program of integrated security controls and safeguards to ensure confidentiality, integrity, availability, authentication, non-repudiation, accountability, recoverability, and audit ability of sensitive information and associated information technology resources, assets and investigations
        • Evaluate the effectiveness of the information security program's integrated security controls, to include related policies, procedures and plans, to ensure consistency with organization strategy, goals and objectives
          • Risk mitigation applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the internet
            • Secure processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction, and is of growing importance in line with the increasing reliance on computer systems of most societies worldwide