Educause Security Discussion mailing list archives
Re: Security and Privacy Positions - FTEs
From: Chad Tracy <ctracy () BATES EDU>
Date: Mon, 8 Oct 2018 10:00:12 -0400
Morning everyone. 1. how many of your security offices are responsible for Privacy. I am at a small liberal arts school and I am the only FTE for security... my role also includes privacy and compliance. 2. How many full or part time dedicated staff you have to focus on Privacy. Title of position(s) if applicable. I am the only one - my title is Director of Information Security, Privacy and Compliance (mouth full I know ....) 3. Brief scope of statement of Privacy at your institution ( roles, responsibilities, and the best- authority). So much of what encompasses my job deals with all three facets (security, privacy, and compliance). I tend to feel that privacy is about controlling who has access to information (a lot of this can be done with Varonis as well as a well oiled IDM solution) and security is how one maintains control. As I work with departments on contracts and such I am asking them to ensure that there is a business need for each data element in scope. Most recently we had a rewrite of our Web Privacy Policy (still working through it) to make it more in line with GDPR - having a handle on what you actually are collecting and why you need it really helped in getting an effective policy. Always happy to chat. Cheers, Chad On Mon, Oct 8, 2018 at 8:59 AM Cathy Hubbs <hubbs () american edu> wrote:
Good morning everyone, There is talk of adding Privacy to the office of the CISO ( security program equivalent) at our university. I am interested in learning more about... 1. how many of your security offices are responsible for Privacy. 2. How many full or part time dedicated staff you have to focus on Privacy. Title of position(s) if applicable. 3. Brief scope of statement of Privacy at your institution ( roles, responsibilities, and the best- authority). Thank you! More than happy to take answers/conversation offline. Cathy Hubbs, CISO American University Washington DC
-- Chad Tracy Director of Information Security, Policy and Compliance Bates College 207 786-6491
Current thread:
- Security and Privacy Positions - FTEs Cathy Hubbs (Oct 08)
- Re: Security and Privacy Positions - FTEs Semmens, Theresa (Oct 08)
- Re: Security and Privacy Positions - FTEs Gregg, Christopher S. (Oct 08)
- Re: Security and Privacy Positions - FTEs Chad Tracy (Oct 08)