Menu

Wananga landing Wananga landing
Topic

Cyber security management

02 September 2024

The UC Digital Security and Risk Team provides the cyber risk and resilience capability within the University that ensures effective management of cyber risk and resilience of technology across the University of Canterbury landscape.

HOW TO APPLY

Cyber risk refers to the potential of loss or harm related to technical infrastructure or the use of technology. Cyber resilience is when people, processes and technologies can quickly adapt to changing cyber threats.

In an increasingly hostile and rapidly changing digital world, our purpose is to provide effective, adaptable and risk appetite-aligned management of cyber risks to support the University of Canterbury in its vision of a University that is Engaged, Empowered, Making a Difference.

Cyber security strategy and leadership:

  • Oversight of the University Cybersecurity Risk Profile

  • Development and execution of security strategy, vision & policies

  • Executive and key stakeholder engagement

  • Vendor management

  • Team development and leadership

  • Alignment with University strategy and risk appetite

  • External contact for government agencies

  • Security incident management

  • Technical security control testing and compliance monitoring

  • Vulnerability management

  • Threat prevention, detection, recovery and intelligence 

  • Secure Operations Improvement 

  • Security Assuarance

  • Security Testing

  • Security Consulting

  • Solutions or design security guidance

  • Security control design

  • Development of standards

  • Development of tactical solutions 

  • Security standards and guidelines

  • Security domain roadmaps

  • Security programme roadmap

  • Information security risk and controls assessments
  • Cyber risk management consultancy and advisory

  • NIST CSF compliance and maturity monitoring

  • Cybersecurity Audit 

  • Governance – security frameworks, policies and standards

  • Security domain roadmaps

  • Security programme roadmap

  • Cyber awareness and culture program planning and delivery

  • Training, event, communications planning and facilitation

  • Knowledge testing design and delivery

  • Proactive engagement of University communities 

  • Education and awareness content development

  • Awareness and behavioural metrics and reporting

  • Risk area profiling/identification and learning needs analysis

  • Security domain roadmaps

  • Security programme roadmap

  • Cybersecurity Infrastructure & Platform Management

  • Agile cyber team operational delivery management

  • Protective Security Requirements (PSR) advisory

  • University Foreign Interference 

  • Proactive, collaborative engagement of University research areas

  • Communication and facilitation of cybersecurity  service offerings to research areas

  • Execution of approved cybersecurity strategic plan

  • Cybersecurity continuous improvement program planning & delivery

 

The Digital Security & Risk Practice works closely with capabilities and areas throughout the University, including:

  • Risk & Insurance

  • Research

  • Information Management 

  • Digital Services

  • Facilities

  • People & Culture

The University’s cyber security and general IT policies and procedures can be viewed on the University Policy Library

Key University policies/procedures relevant to cybersecurity include:

  • Cyber Security Policy

The governance of cyber security and cyber risks is embedded throughout operational, executive and strategic layers within the University. Regular cybersecurity briefings are provided to key University executive management and governance groups including:

  • Cybersecurity & Risk Working Group

  • Cybersecurity Program Board

  • Risk Advisory Committee (RAC) 

  • Audit and Risk Committee (ARC)

  • Senior leadership Team

  • Council

Cyber risk management processes are being developed to include identifying, analysing, evaluating, treating, and monitoring cyber risks for university information assets and services.  These cyber risk management processes are supported by the University’s cybersecurity policies, standards, and procedures and are aligned with the University enterprise risk management framework and industry best practices. 

Further information:

The Digital Security and Risk capability provides Information Security Risk Assessment to ensure that the university upholds its responsibilities. To find out more about the cybersecurity assessments process visit ( UC user access ony): UC Cybersecurity Assurance Process.


Privacy Preferences

By clicking "Accept All Cookies", you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts.