Information Security

Information security incidents are events that give someone access to sensitive information (personally identifiable details, passwords, academic, health, or financial records) without permission. Cyber security is the shared responsibility of every agency employee and business unit. You play a key role in properly safeguarding and using private, sensitive information and state resources.

Learn about information security topics:

Additionally we have created guides regarding information security for the following audiences:

IT Security Awareness

Security awareness often takes a back seat due to the busy lives of faculty, staff, and students' hectic schedule. However, the education of the GC community will stand a chance against sophisticated cybercrime. Despite this importance, we are in a sector that is currently the industry most victimized by ransomware attacks and among the top three industries targeted by data breaching hackers. By taking the measures below, GC positions itself to create a cycle where the learning is continuous, and combined efforts will build a better security awareness culture.

CUNY IT Security Awareness Course

All staff, faculty, and students are encouraged to take this 40-minute Cybersecurity Awareness training program. Additional information is also available for review:

Hologram of security padlock on top of electronic circuit CPU

Work From Home Security Awareness Resources

Review the following work from home security awareness resources, including information regarding the COVID-19 pandemic and "Zoombombing," as well as the form to request a Virtual Private Network in order to secure a connection to the campus network:

Woman with laptop and mobile device
Hands typing on laptop

Request Support

If you suspect a security incident has occurred, immediately report it using this form or emailing

Security Incident Reporting Form
Protective digital shield on laptop

Policies and Regulations

Every user of the Graduate Center's information resources has a responsibility to protect against accidental or intentional access or damage.

Information Security Policies and Regulations