March 18, 2024

To keep Penn at the forefront of innovation and academic excellence, the University launched a program to enhance its technology and data environment. By direction of the Senior Executive Vice President, the overall goal is to enhance the protection and safety of the education, research, and service that Penn provides daily, and to allow our community to continue with Penn's mission uninterrupted. The University will be improving our capabilities to detect, identify, defend against, respond to, and recover from increasingly sophisticated attacks. This new program is called Penn SecureIT.

This newsletter is the first of many communications you will receive throughout this program. You are receiving this because your role and support is vital to the success of Penn SecureIT.

The Penn SecureIT team underscores our commitment to maximum collaboration, communication, change management, and transparency with the EVP divisions and all other involved stakeholders throughout this program.

What motivated Penn SecureIT?

A security assessment conducted last year by Deloitte identified opportunities to bolster Penn’s technical security posture throughout its administrative divisions. The program includes the Active Directory, servers, endpoints, cloud infrastructure (Azure), and network equipment (firewalls and VPNs). 

Who makes up the Penn SecureIT Program Team?

The request for Penn SecureIT originated from the Board of Trustees, who want us to manage cyber threats more effectively in our decentralized environment. They will be actively monitoring the program’s progress. ISC has project management responsibility for Penn SecureIT. The program team consists of six EVP divisions who are involved in Penn SecureIT’s planning and delivery. These divisions include:

What is happening now with Penn SecureIT?

The program team is currently working through the “Discovery Phase” that involves assessing and prioritizing Penn’s security opportunities as identified in the Deloitte report. Discovery is targeted for completion by the end of March and will result in specific initiatives that will be the primary focus of Sprint 1 in 2024. We will have much more information to share regarding Penn SecureIT's scope in early April after the Discovery Phase is complete.   

Where can I find more information about Penn SecureIT?

A Penn SecureIT microsite with more information is available here.

Many great questions have already been asked about Penn SecureIT. Answers have been consolidated into this Frequently Asked Questions (FAQ) document. We will continue to update the FAQs with new questions that arise throughout the program duration. 

We have also set up a Penn SecureIT help email. Please feel free to email the program team with any Penn SecureIT-related questions, needs, or information you wish to share.  

We will send another newsletter in early April once the Discovery Phase is complete and more details about Penn SecureIT’s scope is available. 

In the meantime, we are excited to embark on this Penn SecureIT journey and look forward to collaborating with you!

Issued by Penn SecureIT’s program team