Addressing High-Risk Security Vulnerabilities and Enhancing System Management Practices

From: Dean Roger Bonnecaze <comm@engr.utexas.edu>
Sent: Wednesday, December 4, 2024 2:28 PM
To:
Subject: Addressing High-Risk Security Vulnerabilities and Enhancing System Management Practices

As a school deeply involved in advanced research that is often targeted by external parties, including nation-states, it is critical that we maintain robust cybersecurity practices. Recent federal regulations and industry standards have underscored the importance of proactively managing our computer systems to mitigate potential risks and vulnerabilities. These requirements are incorporated into agreements we routinely make with our federal funding agencies. We also do not want to be responsible for a cybersecurity breach that affects the entire university.

What is a software or system vulnerability?
A vulnerability is essentially a weakness or flaw in a computer system or software that can be exploited by malicious actors (hackers) to cause harm. This could include gaining unauthorized access to sensitive information, disrupting system operations, or using the system for unintended purposes. These vulnerabilities can arise from outdated software, misconfigurations, or even bugs in the system that haven’t been patched. Addressing these vulnerabilities is crucial to preventing security breaches and protecting both our data and our research.

To that end, we are implementing a focused initiative targeting high-risk security vulnerabilities that are older than 120 days. In collaboration with the Information Security Office (ISO), we will be identifying the individuals and systems associated with these vulnerabilities to ensure remediation.

Key Points of the Initiative:

1. Communications in December and early January:

The ISO will reach out to faculty and staff associated with systems that have security vulnerabilities older than 120 days. This will allow time to address the issues before more stringent actions are taken.

2. Starting February - System Isolation Notices:

The Information Security Office will send out future quarantine notices beginning February 1 for systems that still have vulnerabilities. System isolation or quarantines will occur 30 days after notices are received if remediation of vulnerabilities has not occurred.

3. Standard Practice for Vulnerability Management:

Going forward, network isolation of systems with older vulnerabilities will be our standard protocol to ensure that the security of our systems remains strong and that we are safeguarding the sensitive data and research under our care.

Importance of Centralized System Management
I want to reiterate the importance of managing all systems through our common system management platforms. This ensures consistent security. If there are systems that, for specific reasons, cannot be managed by these platforms, an approved exception must be obtained directly from my office through the Cockrell School Director of Information Technology, Bob Gloyd (bobgloyd@utexas.edu).

I appreciate your cooperation and attention to these important changes. If you have any questions or need further clarification, please contact Bob Gloyd or me.

Sincerely,

 

Roger T. Bonnecaze
Dean, Cockrell School of Engineering