Cybersecurity, IT compliance and risk
With the evolving and ever-present cyber security threat that the university faces and the even higher dependency on connectivity and digital infrastructure due to the rise in remote and hybrid working scenarios we have seen increases in the opportunities for cyber intrusion and attacks. Therefore, it is essential to enhance the cyber security capabilities and resilience of the university.
This section will be led by the Deputy Head of Technology Services – Cyber Security, IT Compliance & Risk (CISO), and will encompass two distinct teams, Information Security Operations and Architecture and Information Security Governance, Risk and Compliance.
Information Security Operations and Architecture
This team will have responsibility for improving the cyber security posture of TU Dublin to reduce the risk of significant security incidents and data breaches. This will be achieved by implementing the NIST Cybersecurity framework for improving critical Infrastructure cyber security.
- This team will develop, deploy, and manage cyber security threat monitoring, detection, and response systems.
- They will use business drivers to guide cyber security activities and considering cyber security risks as part of the organization’s risk management processes.
- The team will apply the principles and best practices of risk management to improve the security and resilience of all IT systems across the University and ensure that robust IT Security is inherent in the design.
- This team will have responsibility for leading and coordinating cyber security Incident responses, to ensure a swift and effective response to cyber security Incidents should they occur.
Information Security Governance, Risk and Compliance
This team will use formal frameworks that provides a structure to ensure TU Dublin’s IT investment supports our business needs and enables the University to achieve its goals.
- Staff in this area will develop and maintain the Universities IT Security, Risk and Compliance policies and will ensure the University remains informed and compliant on all regulatory and licensing requirements, as per university and sectoral requirements.
- The team will provide IT Security advice and guidance to the University community and will actively participate in sectoral wide cyber security initiatives & Steering groups.
- It will be the responsibility of this team to conduct cyber security risk assessments of all Enterprise Systems, ensuring security by design for all IT Systems.
- Staff in this area will manage and maintain the IT Risk Register and work with key stakeholders to eliminate or reduce IT Risks.