Our team is split between four functions. Please click each team below for info.
Chief Information Security Officer (CISO) – Leo Howell
Associate Director of Cyber Security – Christopher Craig
The Engineering team is responsible for assisting campus with new or updated solutions that address security for the technology on campus.
The Log Management Team is a subteam of the Engineering Team, and their information can be found here.
Governance, Risk, and Compliance (GRC)
The Governance, Risk, and Compliance (GRC) Team assists campus with assessment of the implementation of technological controls based on policies, standards, and regulations.
Their role is twofold:
- Information Security Policies & Compliance
The Policy & Compliance sub-program provides the guidance for the creation of Institute-wide information security policies, issue-specific policies, standards, processes, and guidelines. These documents are created in a collaborative effort that involves stakeholders from the campus constituencies, including data stewards and the various academic, research, and administrative groups. The policies, standards, guidelines, etc are used to guide the campus in the implementation of technology as well as ensure that Georgia Tech is compliant with various regulatory and legal requirements (e.g. GLBA, FERPA, PCI, HIPAA).
|Information Security Policies||Policies & Standards|
|Data Protection Safeguards||Lists the controls which must be in place when working with Georgia Tech data|
|Data Categorization||Lists data categories for various types of Georgia Tech information|
Security Operations Center (SOC)
The Security Operations Center (SOC) assists campus with day to day triage and cybersecurity requests. Such triage and requests include but are not limited to:
- General Cybersecurity Incident Response, Including:
- Incident detection
- Security incident triage
- Security incident response and management
- Phishing Investigation
- Malware Response
- Account Compromise Investigation and Response
The Services team assists with implementation of new solutions on campus with regard to cybersecurity, and also assists with issues with implementing existing services to meet specific requirements.