Cybersecurity, Data Privacy, & Policy

The Cybersecurity, Data Privacy, & Policy team guides the University community to understand and adhere to established cybersecurity policies and best practices. The team maintains a repository of policies and practices designed to protect the confidentiality and integrity of University data, while maintaining its availability to the UK community.

Cybersecurity

The Cybersecurity team is responsible for overseeing the University of Kentucky’s network security, effectively managing the resolution of cybersecurity incidents, including but not limited to distributed denial of service (DDoS)  attacks, man in the middle attacks, SQL injection attacks, phishing and spearphishing attacks, and enforcing applicable policies to ensure that each UK customer’s information is protected in the most secure manner possible.

UK Information Security Policy

Data Privacy & Policy

In collaboration with other teams, the Data Privacy and Policy team establishes required minimum security standards for handling the University’s data and information, oversees technology policy, and manages information security training and awareness. These efforts support students, faculty, staff, and the IT Strategic Plan while upholding the mission of the University of Kentucky. Data Privacy and Policy also provides IT policy consultation, as requested. This team additionally works with the ITS Review Committee as well as the Data Privacy Advisory Council to review and form appropriate IT security practices. More details here.

Disaster Recovery & Risk Management

Disaster recovery and business continuity enable the recovery or continuation of critical technology infrastructure following a natural or human-induced disaster. This effort ensures that critical university systems are available or can be restored quickly, enabling the university to continue critical operations.