Skip to content

Information Security

Last updated: June 27, 2025

Divisional charter: Intent and Purpose

The Information Security (IS) division works closely with partners across the tri-campus community to protect the University of Washington’s people, systems, and data. We support a secure digital environment for research, learning, and discovery by strengthening the University’s ability to manage risk and respond to threats. Our work supports secure, compliant, and resilient technology operations, building trust in how UW stewards personal and institutional data.

Key Responsibilities

  • Risk Management & Compliance
    Identify, assess, and reduce enterprise-level security and privacy risks in collaboration with campus partners.
  • Data Security
    Protect user identities, manage access to systems and data, and secure sensitive information through layered, proactive defenses.
  • Threat Intelligence & Incident Response
    Monitor threats, investigate incidents quickly, and respond to minimize impact and restore operations.
  • Privacy & Personal Data Protection
    Offer guidance on legal requirements, individual roles, and best practices to help campus partners handle personal data responsibly and transparently.
  • IT Resilience & Business Continuity
    Support critical operations by leading strategic planning, conducting regular continuity exercises, and helping units respond effectively to disruptions.

Our Approach

IS partners with system owners, data stewards, and leaders across the University to implement effective security and privacy measures.

  • Prepare & Prevent
    Develop clear policies, provide training and resources, strengthen technical defenses, and design systems that prevent incidents before they happen.
  • Contain & Respond
    Act quickly to investigate, isolate, and resolve threats while reducing disruption and protecting essential services.
  • Recover
    Help partners remediate issues, apply lessons learned, and refine UW’s security strategies for resilient futures.

Divisional units

  • Identity and Access Management
  • Privacy Operations
  • Risk Management Services
  • Security Operations
  • Technical Business Continuity

Divisional leader

Karen Campbell, Associate Vice President for Information Security