Kathy Bergsma, UF Information Security Manager
Biography
Kathy Bergsma moved to Gainesville in 1978 to study horticulture at the
University of Florida and earned her Bachelors of Science in 1981.
While working on her degree, and five years following
graduation,
she
was employed by West Farms, Inc. managing its greenhouse and
interiorscape businesses.
In 1986, Bergsma accepted a job at the University of Florida as
a
Biological Scientist in the Postharvest Physiology lab of the
Horticultural Sciences Department. There, she installed peer-to-peer
networks and maintained the computer software and hardware used by the
Postharvest group for research purposes. During her time in the
Horticulture Science Department, Bergsma developed an interest for
computers and decided to pursue a master.s degree integrating computer
technology and horticulture. Her thesis was titled, .An Expert System
for Diagnostic Chilling Injury on Tropical Fruits and Vegetables..
In 1993, Bergsma graduated with a Masters of Science in
horticultural
sciences and accepted a job with the Statistics Department at UF where
she was introduced to UNIX administration and network management.
In November of 1995, she accepted an offer from the Animal
Science
Department where she had the opportunity to expand her server
administration skills to include Novell's Netware.
In April of 1999, Bergsma started working as UF's first IT
Security
Coordinator, working at Network Services, part of the Northeast Regional
Data Center and the Office of Information Technology. The UF IT
security team has since separated from the network services department,
but remains under UF.s Computing and Networking Services.
As UF IT Security Coordinator, she implemented a campus-wide
network
intrusion detection system, organized and chaired the committee that
wrote the UF IT Security Policy, supervised the development of the UF
security website, built an incident response team, and organized many
security training events including UF Information Technology Security
Awareness Day (ITSA Day). She is also an active member of Educause, an
organization that focuses on IT security in higher education.
In July of 2003, she was promoted to UF Information Security
Manager,
UF's highest ranking dedicated information security position. In this
position, Bergsma currently strives to further improve UF IT security.
Job Description
Manage information security activities to protect University of
Florida (UF) information technology (IT) resources. Perform the duties
of the UF Information Security Manager as defined in the UF Information
Technology Security Policy and coordinate campus IT security efforts.
Maintain awareness of existing and proposed federal and state law,
policies, regulations, industry practices, standards, security trends,
issues and best practices pertaining to information security. Work with
ITAC-ISM, to recommend UF leadership appropriate changes to address
compliance and to recommend appropriate information security policies,
procedures, and other control techniques that will provide
cost-effective safeguards to reduce, eliminate, or recover from those
risks. Coordinate comprehensive risk analysis of UF information
security. Adopt methods which address access, transfer, disposal, data
integrity, availability, confidentiality, recovery, and contingency
plans utilizing in-depth knowledge of organization. Managing the UF
security team, create, implement, and maintain products to prevent,
detect, contain, and correct security violations in a heterogeneous
operation system environment. Coordinate with UF IT workers to resolve
security exposures and to reduce the potential for exposure. Interact
with law enforcement, General Counsel, and others as needed to resolve
IT security incidents. Organize and participate in information security
training and awareness events, including Information Technology Security
Awareness Day, the security web site, IT Orientation, peer training and
vendor demonstrations. Provide IT security liaison and consulting to
campus units, centers, colleges and departments, as requested.
Represent Computing and Network Services (CNS) on committees, at
meetings, at conferences, and various other venues to facilitate IT
security improvements.
Updated: January 2006
