WHAT WE DO
We strive to continually improve and deliver the following services:
- Application Scanning – We conduct security scanning of vendor-supplied applications
or those developed in-house developed before they are deployed and after maintenance
has been performed.
- Network Vulnerability – We conduct penetration tests and system scans to ensure
the security of information technology resources across the University.
- Incident Response – We have a process to quickly and effectively address reported
security incidents reported to us through various channels.
- Security Awareness – We provide information security awareness training to faculty, staff and students of the University and its regional campuses. We also post recent examples of phishing scams to help educate our community.
The Chief Information Security and Privacy Officer (CISPO) provides the leadership and vision to create, implement and manage the strategic direction for WVU’s information security and privacy programs. The CISPO will work closely with other units in ITS, non-central IT units, industry experts, law enforcement agencies and peers at other institutions to ensure WVU is using best practices. Responsibilities include:
· planning, development, implementation and oversight of WVU’s enterprise information security and privacy programs;
· establishing security and privacy policies, standards and guidelines;
· developing security and privacy training;
· responding to security and privacy incidents;
· risk assessment and management;
· working extensively with faculty staff and students to maintain the highest possible levels of information security;
· and balancing customer satisfaction with that security.