Information Security Office
The Information Security Office provides leadership in developing, delivering, and maintaining programs and services that support Rutgers IT’s strategic priorities. These programs and services include cybersecurity policy development, cybersecurity risk management (risk assessment, mitigation, and monitoring), cybersecurity compliance program strategy (PCI, GLBA, CMMC, etc.), and cybersecurity awareness and training services.
Report a suspected scam, breach, or theft.
About our organization, services, and units
Cybersecurity Compliance Program
The Information Security Office assists technical and business teams, as well as the research community, with meeting regulatory and legal requirements to include contract reviews, annual compliance assessments, and mandated Security Awareness Training (i.e., Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI-DSS), etc.).
Cybersecurity Risk Management Program
Rutgers’ Cybersecurity Risk Management Program involves the identification, assessment, and prioritization of risks following a coordinated and efficient application of IT resources.
Cybersecurity Awareness and Training Program
The Cybersecurity Awareness and Training Program provides clinical, academic, and administrative staff with educational offerings meeting regulatory training requirements (i.e. PCI-DSS, GLBA, CMMC, etc.), supplemental training on handling sensitive Rutgers data, and general information for Rutgers community members on how to protect their information online
Data Loss Prevention Services
The Information Security Office offers Data Loss Prevention (DLP) services to departments, schools and units that manage data classified as Critical, Restricted and/or Internal under the 70.1.2-Information Classification Policy.
Incident Detection and Response
The incident detection and response team monitors for, analyzes, and responds to cybersecurity incidents, and works with departmental computing staff for resolution.
More cybersecurity resources
Read more about policies, tips, training, and more that help the Rutgers community protect accounts, devices, and data while meeting security and compliance requirements.
Information Security Executive Leadership
Frank Reda
Chief Information Security Officer
As Chief Information Security Officer, Frank shapes enterprise IT strategy with a strong focus on cybersecurity, risk management, and institutional resilience. During his time at Rutgers, Frank has led major initiatives to strengthen the university’s security posture, including a cybersecurity maturity assessment, a multi-year cybersecurity action plan, and a third-party risk management assessment, and has played a central role in guiding Rutgers’ response to major cybersecurity incidents. Frank currently serves as a vice president in the Office of Information Technology and deputy CIO of the university, overseeing the Information Security Office and Health Sciences IT, among other areas, while helping advance enterprise-wide IT initiatives.