Information Security

To report a security incident please contact the HUIT Service Desk 
Email: ithelp@harvard.edu, Phone: 617-495-7777

The IT Security department consists of four main groups each working to deliver services to the community or to directly support those services.

  • Policy Risk and Compliance (PRC) - Delivers the following services
    • Vulnerability Assessment, Penetration Testing, and Code Analysis
    • Security Consulting
    • Security Education
  • Cyber Security Center (CSC) - Delivers the following services
    • Digital Certificate Management
    • Computer Security Incident Response and Digital Forensic Investigation
  • Security Architecture and Engineering (SAE)
    • Delivers internal services to the department, primarily the Security Operations Center and the infrastructure needed to support the applications and services of the department.
  • Project Management Office (PMO)
    • Delivers internal services to the department, assisting in the delivery of new initiatives by providing project management services, communications metrics, and reporting.

Key Responsibilities

  • Develop and communicate guidance for preserving the availability and integrity of the University’s electronic assets
  • Develop a risk-based information security program aligned with control frameworks established by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and Control Objectives for Information and related Technology (COBIT) 
  • Manage the resources required to oversee policy and deliver information security services to the University
  • Lead IT Security Incident Management and related processes

Our Key Services

  • Vulnerability Assessment, Penetration Testing, and Code Analysis
  • Digital Certificate Management
  • Computer Security Incident Response
  • Network Traffic Security Monitoring
  • Security Education
  • Security Consulting

Our Goals

Service Level Agreements

The IT Security department has defined a number of service levels which we endeavor to maintain. Details can be found in the documents provided here:

Our Leadership Team
Christian Hamer Chief Information Security Officer christian_hamer@harvard.edu
Bill Knox Director of IT Security Operations william_knox@harvard.edu
Tracy Walden Security Risk Officer tracy_walden@harvard.edu  
Sandy Silk Director of IT Security Education and Consulting sandra_silk@harvard.edu
Ventz Petkov Senior Security Systems Engineer  ventz_petkov@harvard.edu
Harry Hoffman Information Security Architecture and Engineering harry_hoffman@harvard.edu
Liz Eagan Information Security Policy and Compliance Officer liz_eagan@harvard.edu

Service Level Agreements

The IT Security department has defined a number of service levels which we endeavor to maintain.  Details can be found in the documents provided here:

General Information on SLA91 KB
SLA Specifics87 KB

Looking for someone in HUIT?

Organizational Chart

<embed>
Copy and paste this code to your website.
Copy and paste this code to your website.