Events

SUNY ITEC Wizard 2025

Syracuse, NY

Navigating GLBA Compliance: SUNY Campus Strategies and Emerging Priorities
Presented by Brent Hobby, CampusGuard
November 13, 2025 | 11:00 -11:40 a.m.

This session offers a comprehensive overview of how SUNY campuses are advancing compliance with the Gramm-Leach-Bliley Act (GLBA), highlighting collaborative efforts with CampusGuard and ITEC to strengthen institutional safeguards.

We will explore how campuses have implemented structured information security programs, designated Qualified Individuals (QIs), and developed written incident response plans in alignment with the FTC Safeguards Rule.

A central focus will be the role of third-party service providers in the GLBA ecosystem. While outsourcing may reduce operational burden, institutions remain ultimately responsible for ensuring vendor compliance. We will examine best practices for contract language, oversight, and documentation to mitigate third-party risks.

The session will also clarify the division of responsibilities between campuses, ITEC, and affiliated entities, using SUNY’s GLBA Responsibility Matrix to illustrate how shared controls and compensating measures are mapped across stakeholders.

Attendees will gain insight into how campuses are staying current with regulatory changes, through annual penetration testing, vulnerability scans, and ongoing staff training, and how they are prioritizing key compliance elements such as managing non-public personal information (NPI), maintaining secure data environments, and fostering a culture of privacy awareness.

 

Whether you’re preparing for an audit or refining your security posture, this session will provide actionable takeaways to help your institution meet GLBA requirements with confidence.