Don’t be a chump, sign up for Security Champs
The Information Security Office (ISO) has issued a call for Security Champs. Will you answer?
The Security Champs Program will return in June 2026 after a two-year hiatus while University of Utah organizations implemented the Unified Cybersecurity Toolset (login required) and university IT staff participated in a weekly office hour featuring ISO experts who spoke about the tools and trending topics.
The group, which launched in 2020, is a community of IT staff that works with the ISO to support information security initiatives and share news and best practices with their units.
“Now that most departments, colleges, and orgs have implemented the toolset, it’s time to refocus on Security Champs,” said Clay Postma, director for ISO Program Management, which is taking over the program. “A lot of people have deep dive questions about IT security. Office hours aren’t the best forum for that. Security Champs gives us an opportunity to do deeper dives, additional training, and more IT security-focused topics.”
Trevor Long, director for ISO’s Governance, Risk & Compliance team, which previously led Security Champs, said the recent Canvas data security incident is a good example of a topic that the group would discuss and, as applicable, disseminate information to their college and department.
Sign up to be a Security Champ
To become a Security Champ, email ISO Program Management at iso-program-management@utah.edu.
Notes:
- One representative per unit, please
- Former Security Champs are encouraged to sign up again
Both forums will change with the return of Security Champs. Weekly office hours for the Unified Cybersecurity Toolset will focus more on the tools and the next phase(s) of the University of Utah Cybersecurity Program, while Security Champs will become a community of practice with in-depth IT security discussions and roles and responsibilities for each member.
“Before the Cybersecurity Program and University of Utah Information Security Policy 4-004 updates, Security Champs was kind of a community forum, just a conversation piece,” Long said. “Now that those things are in place, the university has cybersecurity work it needs local IT staff to help with. That’s why we need some deputies.”
For example, Long said, Security Champs could help with an assessment of the university’s IT security posture. Each champ would provide information about their unit’s level of maturity, which will help the ISO measure the university’s progress over time.
Postma added: “If we want to mature what we’ve been doing with the toolset implementation, we need to start focusing on specific things like what cybersecurity means and the state of our assets, and we need people with expertise to participate.”
Security Champs will meet quarterly unless members want to meet more often or need dictates it.
“Since cybersecurity is such a growing, critical topic , it might be more useful to meet monthly instead of quarterly. But we'll suss that out as we go,” he said.
The first meeting will include an overview of the program, updates from ISO leaders, and plans for the next session.
Postma is still looking for one representative from each unit to commit a few hours each month to the role, which will include assignments at times. For various reasons, Postma asks former Security Champs who are interested in rejoining the group to sign up again.
Node 4
Our monthly newsletter includes news from UIT and other campus/ University of Utah Health IT organizations, features about UIT employees, IT governance news, and various announcements and updates.