Welcome!
Wharton’s Information Security Office is dedicated to safeguarding our community’s digital information and promoting a secure and responsible online environment.
ISO protects Wharton’s assets, systems, data, brand, and reputation with risk identification, reduction, governance, compliance, identity, and access control. Our team enables Wharton’s success and support the School’s mission by identifying and reducing risk.
Our team focuses on promoting a culture of information security, privacy, innovation, and digital transformation throughout the School through cross-departmental collaboration, ensuring resiliency through effective risk management and trustworthy teaching, learning, and research.
Report a Security Incident
If you suspect a security incident such as a phishing attempt, data breach, or compromised account, contact us immediately.
Get in Touch
Have questions about information security? We encourage departments and individuals to reach out for consultation on securing data, risk assessments, or guidance on school or university security policies.
- Email: security@wharton.upenn.edu
Submit a Risk Review
Please complete the Security and Privacy Scoping Form. Once submitted, your request will be reviewed by ISO for evaluation.
External Resources
Wharton Computing Knowledge Base
The knowledge base is your go-to resource for comprehensive guides, how-tos, and service recommendations for all things technology at Wharton whether that’s setting up accounts, accessing software, troubleshooting issues, or learning about available services.
National Institute of Standards and Technology (NIST) Cybersecurity Framework
The NIST Cybersecurity Framework provides a comprehensive, risk-based approach to managing and reducing cybersecurity risks. It’s a widely adopted resource that organizations of all sizes use to build robust security programs, align their processes with industry standards, and improve their overall security posture.
Learn more about the NIST Cybersecurity Framework
Also check out their cybersecurity glossary!
Cybersecurity & Infrastructure Security Agency (CISA)
CISA is the U.S. government’s lead agency for cybersecurity. CISA offers up-to-date alerts, best practices, and a wide range of tools to help organizations and individuals protect their digital environments from threats. Stay informed about the latest in cyber defense strategies.
Educause
Educause offers resources for higher education institutions and IT professionals to strengthen their cybersecurity posture. From security awareness training and compliance frameworks to risk management and data protection strategies, Educause empowers IT professionals to develop strong security cultures.
SANS Institute
The SANS Institute is a trusted leader in cybersecurity training. Their Security Awareness programs offer actionable insights to help individuals and organizations defend against the latest cyber threats. Discover training tools and best practices that promote a security-first mindset in your daily activities.