Strengthening Our Operations: Unified Technology & Security Capabilities
The Technology & Cybersecurity groups provide essential services to support EBSCO’s portfolio of business units. These requirements are crucial for ensuring compliance, mitigating risks, and enhancing operational efficiency. Business leaders are required to integrate these requirements to maintain consistency and uphold our organizational health.
Policies
System Access
Established for user identity, access, and account lifecycle management of information systems.
Policy Details >>System Inventory
Mandates an enterprise-wide inventory of all business information systems to ensure accountability and identify unauthorized devices.
Policy Details >>Internet Usage
Terms of use for internet access to protect business data, communications, and online reputation.
Policy Details >>IT Acceptable Use Agreement
User awareness and guidelines for acceptable use of EBSCO computers, devices, software, and network communications.
Policy Details >>Security Incident Response
Rules for mitigating organizational risk through effective handling of information security incidents.
Policy Details >>Data Classification and Handling
Guidelines for identifying and safeguarding sensitive business information to comply with legal and industry standards.
Policy Details >>Media Sanitization and Disposal
Guidelines for secure sanitization and destruction methods to protect sensitive information during media reallocation or disposal.
Policy Details >>Vulnerability Management
Identification and mitigation of technical vulnerabilities through patching, configuration changes, or compensating controls.
Policy Details >>Phishing Awareness
Aims to protect EBSCO’s users and assets against phishing attempts and other malicious communications through awareness and training.
Policy Details >>BYOD
Establishes guidelines for employees using personal devices for work-related purposes, balancing productivity with security needs.
Policy Details >>Generative AI Policy
Guidelines for secure and responsible use of generative AI systems.
Policy Details >>Standards
Cybersecurity Scorecard
The Standard Scorecard Framework delivers clear, executive-level cybersecurity insights. Drive strategic decisions, ensure compliance, and protect your organization's reputation with actionable metrics.
Standard Details >>Generative AI Tools Standard
Defines the approved generative AI tools for use within EBSCO’s information technology environment. It ensures that the organization harnesses the transformative potential of AI technologies while upholding compliance with policy, ethical use of technology, data security and control, identifying and mitigating potential risks and harms associated with the use of generative AI tools, and protecting both the organization and its stakeholders from adverse impacts.
Standard Details >>EBSCO Security MVP
The minimum-security controls needed originated from the FBI guidelines for Small and Medium Businesses (SMB). They include overlapping controls and policy provisions, as well as additional requirements that may not have escalated to the policy level but are still required.
Standard Details >>Procedures
Cybersecurity Policy Approval
EBSCO's Information Security must review and approve any modifications to standard security policies to ensure consistency.
Procedure Details >>Services
When you see this checkmark that denotes a Service that is required. While all Policies, Standards, and Procedures are required some services are optional.
EBSCO Identity
Secure, centralized access management for all corporate resources, ensuring seamless authentication and information access for team members across the organization.
Service Details >>IT Governance, Risk & Compliance
Business units must utilize our IT Compliance services to set policies, establish controls, and measure compliance with relevant cyber and regulatory requirements (e.g., PCI DSS, NIST, ISO). This service encompasses IT Auditing, Business Continuity Planning & Management, and Data Privacy & Security, ensuring risks are identified, assessed, monitored, and managed across all organizational levels, including third-party risk and security requirements.
Service Details >>Cyber Security & Incident Response
Business units are required to follow cybersecurity policies and procedures to recognize and respond to existing and emerging threats. This service includes cybersecurity monitoring and security incident response to ensure appropriate defense and response to incidents. While corporate policies provide the framework, business units may adapt these to their specific needs, subject to review and approval by the corporate Cybersecurity team.
Service Details >>Discipline Experts
Stories of Success
Diversified Ocean Freight Supply Chain Strategy
Nihiliaetorum quiu verum in telum opulicoorena tquemus adductorum derficaute nius inatus cupiena tuusuloc.
Read More
Lorem Ipsum, Dolor Sit Amet
Nihiliaetorum quiu verum in telum opulicoorena tquemus adductorum derficaute niusQuidefec tus inatus cupiena tuusuloc
Read More
Lacus feugiat class sapien duis iaculis risus commodo
Nihiliaetorum quiu verum in telum opulicoorena tquemus adductorum derficaute niusQuidefec tus inatus cupiena tuusuloc.
Read More