Newly formed Information Security Council at U of T
Published on: January 30, 2018
January 30, 2018
On February 5, 2018, U of T’s newly formed Information Security Council (ISC) will hold its first meeting.
ISC Purpose
Stemming from the Policy on Information Security and the Protection of Digital Assets and the recommendations from the Working Group on the Implementation of Information Risk Management Practice, the Council will ensure broad consultation in planning and decision-making processes as it relates to information security. “This Council is being created in direct response to the feedback we have received from the campus community,” said Scott Mabury, Vice-President, University Operations.
The ISC will do the following:
- Assist in the review of envisioned and unanticipated risks to the University’s Digital Assets;
- Ensure a robust and practiced process exists around incidence response;
- Collaborate with the President or designate to initiate information security initiatives;
- Ensure education of the University community on digital security best practices;
- Oversee the development, recommendation and review of Procedures, Standards and Guidelines for the protection of the University’s Digital Assets and ensure timely and accurate reporting on information security risks to the appropriate governing groups including the Senior Executive and the Audit Committee of Governing Council;
- As per policy, ensure every academic and non-academic unit is appropriately covered by an Information Risk Management Plan.
ISC Structure
ISC Co-Chairs
The co-chairs of the new Council will be the Chief Information Security Officer (CISO) and Professor Ronald Deibert, Director of the Citizen Lab at Munk School of Global Affairs.
“The design of the ISC, with a nimble council that meets three times a year, supported by a series of working groups, will allow us to tap into the rich experience on campus and ensure everyone’s voice is heard,” said Deibert, who also served as co-chair of the original working group on the Implementation of Information Risk Management Practice at U of T.
The University is currently in the recruiting phase for the newly created Chief Information Security Officer role.
ISC Working Groups
The ISC working groups, comprised of on-the-ground experts from across campus, will be focusing on the following areas:
- Incident Response Planning
- Procedures, Guidelines, Best Practices and Standards
- Education and Awareness
- Risk, Compliance, Metrics and Reporting
- Research
Bo Wandschneider, CIO, says, “I am really excited to get this group off the ground.” Upon arrival, Wandschneider began making the rounds to understand needs and expectations regarding information security across U of T and solicit participation in the ISC and working groups, based on a list of nominations from the community. “It took a long time, but we had to get this right – there is a lot of work to do, and there is a lot of expertise around campus to help get it done.” said Wandschneider.
ISC Membership
- Ronald Deibert – Co-Chair
Professor, Political Science, Faculty of Arts & Science - TBD – Co-Chair
Chief Information Security Office, Information Technology Services - Sam Chan
Director, Discovery Commons, Faculty of Medicine - Sven Dickinson
Professor, Computer Science, Faculty of Arts & Science - Leslie Shade
Professor and Associate Dean, Research, Faculty of Information - Sian Meikle
Director and Librarian, Information Technology Services, Libraries - Deepa Kundur
Professor, Electrical & Computer Engineering, Faculty of Applied Science & Engineering - Michael Stumm
Professor, Electrical & Computer Engineering, Faculty of Applied Science & Engineering - Zoran Piljevic
Director, Information & Instructional Technology Services, UTSC - Rafael Eskenazi
Director, Freedom of Information and Protection of Privacy, Office of the Governing Council - Heidi Bohaker
Associate Professor, History, Faculty of Arts & Science - CJ Woodford
Graduate Student, Physics, Faculty of Arts & Science - Bo Wandschneider – Ex-officio
Chief Information Officer, Information Technology Services
More Information
After the first meeting on February 5, 2018, the terms of reference and future materials from the Information Security Council will be accessible online. Given the nature of certain discussions, some in-camera notes may be recorded, but not made available publicly.
If you have any questions, please don’t hesitate to contact me.
– Bo
Bo Wandschneider, CIO
Information Technology Services
University of Toronto
bo.wandschneider@utoronto.ca