About
The mission of the Office of Information Security (OIS) is to implement and maintain a security program that protects the University’s computing systems, services, network, and data from intentional and unintentional loss, disclosure, alteration, destruction, and unavailability.
Clemson University deals with valuable information and is exposed to numerous threats each day including unauthorized access to Clemson IT systems, data loss or theft, phishing, physical threats such as disaster or destruction of IT resources, and more. To combat these threats, Clemson has a range of technologies, practices, procedures, and policies.
Strategic Goals
- Safeguard the confidentiality, integrity, and availability of University information assets.
- Monitor, manage, and mitigate technical threats.
- Drive the design and implementation of secure information technology systems.
- Ensure the security policies, procedures, standards, and guidelines align with the needs of the University.
- Enable a security culture by promoting information security awareness that will protect institutional data and meet compliance obligations.
Governance, Risk, and Compliance
- Develop IT Security policies, procedures, and standards, that elevate the security posture of the enterprise, while supporting the business, academic, and research initiatives of the University
- Provide assessments and consultation for business areas governed by regulatory or policy requirements to ensure federal and state laws, industry regulations, and institutional policies are followed
- Develop and manage a Security Awareness and Education curriculum that provides training opportunities, quality materials, and timely communications that empower all members of the University community with the knowledge and skills needed to protect themselves and the University
Security Technology
- Implement and maintain security tools that apply appropriate technical controls for end user devices, and IT infrastructure components, based on their roles and access privileges.
- Ensure security tools are strategically placed within the University environment to defend assets, collect appropriate information, providing monitoring and investigative capabilities of activities on the University network
- Engage with the University community to ensure security standards are followed for application development and systems use
Staff
John Hoyt, Chief Information Security Officer
Steve Higareda, Director of Security Infrastructure & Operations (Deputy CISO)
Tom Webb, Senior Security Engineer
Daniel Herold, Endpoint Security Engineer
Carl West, Network Security Engineer
Cody Rathbone, Cloud Security Engineer
Dylan Porter, Manager, Security Operations Center
Tom Grisham, Information Security Analyst
Adem Dokmeci, Information Security Analyst
Chris Brown, Director of Information Security Assurance
Patrick McGee, Information Security Services Coordinator
Kevin Allmond, Security Assurance Engineer – HR
Jeff Whitson, Security Assurance Engineer – Finance
Calvin Watts, Security Assurance Engineer – Student Data
Steven O’Hare, Security Assurance Engineer – Research
Michael Bryant, Director of Offensive Security
Frank Monteleone, Director of Healthcare Infrastructure Security
Ben Sparks, Senior DHHS Security Analyst
Ahmed Malik, Information Security Analyst
Greg Barnette, IT Manager for Medicaid Information Technology Services
Heather Trent, Desktop Systems and Software Support Analyst
Tom Ross, Server Administration and Information Analyst
For more information, contact Office of Information Security.