About the ISO

The Information Security Office is dedicated to providing information security services and expert security guidance to BSD leadership and all members of the BSD research and academic enterprise to ensure confidentiality, integrity, and availability of its information assets and data, in accordance with organizational security policies and applicable state and federal laws, as efficiently as possible.

The vision of the Information Security Office is to provide leadership in the development and delivery of information security services; develop a risk management and auditing program to safeguard BSD data and information assets against unauthorized use; promote security awareness within the BSD; and simplify security processes through automation to enable research and education.

Operate an enterprise cybersecurity risk management program to identify, analyze, and mitigate cybersecurity risk to the BSD IT infrastructure including its business units, subsidiaries and stakeholders. Provide governance, strategic planning, and sponsorship for the organization’s cybersecurity activities in a manner that aligns cybersecurity objectives with the organization’s strategic objectives and the risk to BSD research and academic IT infrastructure. Protect BSD IT systems and information assets from unauthorized access, alteration, disclosure or destruction. Cultivate relationships with faculty and staff, the University of Chicago, the University of Chicago Medicine and external entities to collect and provide cybersecurity information to reduce risks and increase operational resilience.

• BSD ISO Cyber Security Awareness Newsletter
• BSD Security Assessment and Authorization
  • How to submit a Security Assessment and Authorization (SAA) request
• HIPAA Privacy Program
  • Information on the HIPAA Privacy Program
• ITServices IT Security
  • Information page for the University Security Team (ITS)
• Lost and Stolen Devices
  • Have a lost or stolen device to report?