680963 news 1741273357 1741274846 <![CDATA[OIT Spotlight: Georgia Tech Cybersecurity ]]>

As cyber threats grow more sophisticated, Georgia Tech’s Office of Information Technology (OIT) Cybersecurity department works to protect the Institute’s digital infrastructure. Through proactive risk management, collaboration, and security initiatives, the team ensures a secure environment that supports research, education, and daily operations across campus. 

 

A Strategic Approach to Cybersecurity 

The OIT Cybersecurity team takes a service-oriented approach, prioritizing risk-based strategies to strengthen security while supporting Georgia Tech’s mission. “We continuously seek the most effective ways to respond to threats while also preparing for known risks through tabletop exercises and incident response drills,” said Sherman Lofton, senior director of Cybersecurity Operations. 

Georgia Tech’s cybersecurity team thrives on collaboration and expertise, ensuring that security measures support rather than hinder the Institute’s mission. “This is accomplished by having strong teams with diverse experiences and expertise and allowing them the room to grow but also realizing that we are here to provide a service to the campus community,” said Sherman.  

 

Addressing Emerging Threats 

As cyber threats evolve, the team remains focused on mitigating the most pressing risks: 

 

Future Trends in Cybersecurity 

Georgia Tech stays ahead of cybersecurity challenges by adopting innovative security strategies. Key trends shaping the future of cybersecurity in higher education include: 

 

Cybersecurity and Business Continuity: A Unified Approach 

The cybersecurity team works closely with OIT’s business continuity and disaster recovery program, led by IT Disaster Recovery Lead Mudeet Mathur. “Preparation is at the center of any disaster recovery program,” said Mathur. “Operational resilience ensures we can respond quickly and efficiently to security incidents.” 

To strengthen preparedness, the team conducts regular business continuity tabletop exercises, such as a recent simulation addressing how Georgia Tech would continue operations in the event of a Microsoft Teams outage. These exercises help departments refine their communication strategies and disaster response plans. 

 

Key Accomplishments 

The cybersecurity team has achieved significant milestones over the past year, including: 

  • Virtual Southeastern Cyber Cup 2024 – A national-level cybersecurity competition attracting nearly (x) participants from (x) colleges and universities. 
  • Georgia Tech Payroll Fraud Incident Response – Rapid containment and mitigation of a high-impact fraud attempt. 
  • Security Certifications – Multiple team members earning Certified Information Systems Security Professional (CISSP) credentials. 
  • Log Management Optimization – A 50% reduction in daily log ingestion, improving system efficiency. 
  • Business Continuity Plan Development – Successfully creating and testing business continuity plans for OIT, ensuring compliance with the Office of Emergency Management’s policy mandates. 
  • Crisis Management Team Establishment – Implementing a Senior Leadership Team (SLT) Crisis Management Team to support Georgia Tech’s centralized response efforts. 

 

Key Initiatives and Upcoming Projects 

The Cybersecurity department is actively working on several projects to enhance security across the Institute: 

  • Network Access Control (NAC) Pilot 
  • Web Application Firewall Implementation 
  • Azure Data Lake Security Enhancements 
  • Migration from Qualys to Tenable for Vulnerability Management 
  • Proof of Concept (POC) for Palo Alto XSIAM and IronScales 
  • Creation and Enhancement of a Master List of Technology Dependencies – Establishing a comprehensive, standardized technology dependency list for all business continuity plans across Georgia Tech. 

 

Empowering the Georgia Tech Community 

Cybersecurity is a shared responsibility, and education remains a key component of Georgia Tech’s approach. Lofton shares, “The cybersecurity team’s goal is to empower the campus community with the knowledge and tools they need to stay safe online,” said Lofton. 

OIT provides mandatory biannual compliance training through the KnowBe4 platform, phishing awareness campaigns, and offers resources for faculty, staff, and students to enhance their cyber hygiene. 

To contact Cyber Security to report a phishing attempt or security incident, visit Georgia Tech’s cybersecurity page

For additional cybersecurity resources and information, visit the Georgia Tech Cybersecurity Awareness page.

]]> 2025-03-06T00:00:00-05:00 Georgia Tech’s OIT Cybersecurity team takes a strategic approach to protecting the Institute’s digital infrastructure, addressing evolving threats including phishing, ransomware, and DDoS attacks. In collaboration with business continuity efforts, they ensure rapid response to incidents and system disruptions. Through proactive risk management, security initiatives, and ongoing training, the team works to keep the campus community informed, resilient, and secure in an increasi digital landscape.

]]> 676483 image <![CDATA[iStock-2201575835.png]]> 260280 image/png KnowBe4 is a security awareness and compliance training platform used by organizations around the world to strengthen their cybersecurity culture and reduce human risk. Since 2022, the University System of Georgia (USG) has utilized the platform for its biannual cybersecurity compliance training for USG employees.

]]> 174291 153 https://security.gatech.edu/ https://security.gatech.edu/training https://oit.gatech.edu/cybersecurityawareness 174291 1404 8111 9299