Security

Information Security and Emerging Technologies

The Information Security and Emerging Technologies Office (ISET) shares the mission and core values of the Information Technology Services Division by promoting the privacy, confidentiality, integrity and availability of university information resources.

ISET works with the campus community in the adoption and implementation of the CSU and CSUSB Information Security Policies and Standards.

ISET works to:

  • Develop appropriate processes, procedures, and policies required for the protection of university information
  • Identify risks to the security of information and systems. Mitigate these risks to levels acceptable to the campus
  • Define security requirements, establish baselines and measure compliance, based on applicable laws, regulations, and best practices
  • Consult with campus users and departments to investigate security issues and evaluate products and processes
  • Collaborate with Information Resources administrators and technical staff to develop the campus information security strategy and architecture
  • Ensure incident response and disaster recovery plans are developed and implemented
  • Respond to and recover from disruptive and destructive information security events
  • Increase campus awareness of information security through training and communication

Governance

ISET is a member of the IT Governance Subcommittee which develops information security policies, standards and procedures for the protection of university information assets in response to changes in the technology and information landscape.

Compliance

ISET collects and monitors metrics, and encourages application of benchmarks to assess compliance with various policies and standards for information resources

Preventive

Awareness and Training

ISET coordinates a program to increase information security awareness.

ISET brokers training to improve the information security & technical capabilities of campus IT personnel.

Business Continuity

ISET educates and tests units on continuity/disaster recovery issues.

Incident Response

ISET establishes guidelines for the handling of information security related incidents. IT procedures and business practices involve ISET for the phases of incident response including: prevention, preparation, detection, containment, recovery, digital investigation (forensics), and reporting of lessons learned.