CYB 6010 · St. Francis College

Strategic Programs

Strategic Programs

Year 1 Initiative Portfolio

Three sequenced programs addressing material risks. Each program has defined ownership, budget, and success metrics.

$18K-$25K/yr

Security Awareness & Phishing Resilience

Reduce human-factor breach probability across faculty, staff, and high-risk administrative roles

Sponsor: President / CISO

Risks: R-1, R-5

$30K-$45K Year 1

Zero Trust Access & Identity Governance

Establish verified identity and least-privilege access across all institutional systems processing FERPA data

Sponsor: CFO / IT Director

Risks: R-2, R-3, R-5

$12K-$18K Year 1

Third-Party Risk Management & Vendor Governance

Ensure Tier-1 vendors handling student data meet contractual and security assurance requirements

Sponsor: CFO / Legal

Risks: R-4, R-2

Framework alignment

NIST Cybersecurity Framework 2.0 · Primary governance structure
ISO/IEC 27001:2022 · ISMS design principles
FERPA · Mandatory compliance
NY SHIELD Act · State regulatory requirement
CISA Education Sector Guidance · Baseline posture reference

St. Francis College Cybersecurity Governance Portal · CYB 6010 · For executive and board use