
Georgia Tech’s OIT Cybersecurity team takes a strategic approach to protecting the Institute’s digital infrastructure, addressing evolving threats including phishing, ransomware, and DDoS attacks. In collaboration with business continuity efforts, they ensure rapid response to incidents and system disruptions.
As cyber threats grow more sophisticated, Georgia Tech’s Office of Information Technology (OIT) Cybersecurity department works to protect the Institute’s digital infrastructure. Through proactive risk management, collaboration, and security initiatives, the team ensures a secure environment that supports research, education, and daily operations across campus.
A Strategic Approach to Cybersecurity
The OIT Cybersecurity team takes a service-oriented approach, prioritizing risk-based strategies to strengthen security while supporting Georgia Tech’s mission. “We continuously seek the most effective ways to respond to threats while also preparing for known risks through tabletop exercises and incident response drills,” said Sherman Lofton, senior director of Cybersecurity Operations.
Georgia Tech’s cybersecurity team thrives on collaboration and expertise, ensuring that security measures support rather than hinder the Institute’s mission. “This is accomplished by having strong teams with diverse experiences and expertise and allowing them the room to grow but also realizing that we are here to provide a service to the campus community,” said Sherman.
Addressing Emerging Threats
As cyber threats evolve, the team remains focused on mitigating the most pressing risks:
- Phishing and Social Engineering Attacks – Deceptive tactics designed to manipulate individuals into divulging sensitive information.
- Data Breaches and Ransomware – Heightened risks due to the Institute’s expansive digital landscape.
- Distributed Denial of Service (DDoS) Attacks – Disruptions targeting critical services across campus.
Future Trends in Cybersecurity
Georgia Tech stays ahead of cybersecurity challenges by adopting innovative security strategies. Key trends shaping the future of cybersecurity in higher education include:
- Zero Trust Architecture – Implementing continuous verification for system access.
- Cloud Security Enhancements – Strengthening protection for cloud-based applications and research data.
- AI-Driven Threat Detection – Leveraging artificial intelligence to improve response times and threat remediation.
- Internet of Things (IoT) and Operational Technology (OT) Security – Securing network-connected devices and infrastructure.
Cybersecurity and Business Continuity: A Unified Approach
The cybersecurity team works closely with OIT’s business continuity and disaster recovery program, led by IT Disaster Recovery Lead Mudeet Mathur. “Preparation is at the center of any disaster recovery program,” said Mathur. “Operational resilience ensures we can respond quickly and efficiently to security incidents.”
To strengthen preparedness, the team conducts regular business continuity tabletop exercises, such as a recent simulation addressing how Georgia Tech would continue operations in the event of a Microsoft Teams outage. These exercises help departments refine their communication strategies and disaster response plans.
Key Accomplishments
The cybersecurity team has achieved significant milestones over the past year, including:
- Virtual Southeastern Cyber Cup 2024 – A national-level cybersecurity competition attracting participants from various colleges and universities.
- Georgia Tech Payroll Fraud Incident Response – Rapid containment and mitigation of a high-impact fraud attempt.
- Security Certifications – Multiple team members earning Certified Information Systems Security Professional (CISSP) credentials.
- Log Management Optimization – A 50% reduction in daily log ingestion, improving system efficiency.
- Business Continuity Plan Development – Successfully creating and testing business continuity plans for OIT, ensuring compliance with the Office of Emergency Management’s policy mandates.
- Crisis Management Team Establishment – Implementing a Senior Leadership Team (SLT) Crisis Management Team to support Georgia Tech’s centralized response efforts.
Key Initiatives and Upcoming Projects
The Cybersecurity department is actively working on several projects to enhance security across the Institute:
- Network Access Control (NAC) Pilot
- Web Application Firewall Implementation
- Azure Data Lake Security Enhancements
- Migration from Qualys to Tenable for Vulnerability Management
- Proof of Concept (POC) for Palo Alto XSIAM and IronScales
- Creation and Enhancement of a Master List of Technology Dependencies – Establishing a comprehensive, standardized technology dependency list for all business continuity plans across Georgia Tech.
Empowering the Georgia Tech Community
Cybersecurity is a shared responsibility, and education remains a key component of Georgia Tech’s approach. Lofton shares, “The cybersecurity team’s goal is to empower the campus community with the knowledge and tools they need to stay safe online.”
OIT provides mandatory biannual compliance training through the KnowBe4 platform, runs phishing awareness campaigns, and offers resources for faculty, staff, and students to enhance their cyber hygiene.
To report a phishing attempt or security incident to Cybersecurity, visit Georgia Tech’s cybersecurity page.
For additional cybersecurity resources and information, visit the Georgia Tech Cybersecurity Awareness page.