Challenge: Decentralized Structure & Open Culture Challenge Information Security
A major university’s biosciences division included 5,000 faculty and staff spread across 32 departments, each with its own IT support and unique cybersecurity requirements. These departmental silos prevented the security team from assessing the entire IT landscape. It also created gaps in security controls, inconsistencies with applying security controls and duplication of efforts.
Another challenge for information security was the university's commitment to open inquiry and interdisciplinary research. From an information security perspective, freely sharing information throughout the university, with other institutions and around the world introduces risk.
For the security team, the last straw was trying to follow the Federal Information Security Management Act (FISMA) procedures and controls for protecting government information, operations and assets against threats. The only way for the university division to meet FISMA requirements was to add headcount (a nonstarter) or seek a technology solution.
Download the case study to learn more.
NAVEX’s GRC software and compliance management solutions support the integrated risk, ESG and compliance management programs at more than 13,000 organizations worldwide.