Steven A. Hauck, II, PhD, (Professor of Earth, Environmental and Planetary Sciences) and Jess Shoop (Senior Project Director, UTech) graciously agreed to lead the process of listening to the community, identifying common concerns and aspirations and developing information that responded to constituents’ comments as well as emerging global themes in technology.
Beginning in August of last year, Hauck, Shoop and other planning team members participated in more than 60 meetings, forums and gatherings across the university, as well as large numbers of one-on-one conversations. The group also gathered information from an online survey distributed across the university. More than 1,600 individuals provided responses, giving the team quantitative and qualitative feedback.
Additional external guidance was gained from two independent information security reviews performed in 2015. ITS retained a team of higher education information security leaders from the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC1). REN-ISAC performed a peer-perspective security program assessment in early 2015. The second, external benchmarking assessment of cybersecurity processes and risks was performed by the university’s external auditors, Deloitte, in August 2015. Key findings of both assessments are incorporated into this plan.
From all of this input, the plan started to take shape. With the help of an independent consultant, Brian D. Voss, a first draft of the plan was generated. The draft was then sent to an independent internal Critical Review Team of CWRU students, faculty and staff. This team’s input was invaluable and instrumental in the development of the working plan. The team members are acknowledged in the back appendix.
1 The REN-ISAC mission is to aid and promote cybersecurity operational protection and response within the research and higher education (R&E) communities., www.ren-isac.net