Robert Lau Director, ITS Systems Security
Robert Lau oversees the information security group in Information Technology Services (ITS). He is responsible for the information security practices and policies of ITS, as well as for providing leadership in information security (IT) practices for the university community.
The security group is responsible for the prevention, detection, investigation, analysis and remediation of university-wide network based threats and breaches. The group collaborates with the university's security office and departmental IT security leaders to establish best practices and policies for firewalls, intrusion detection, log analysis, incident response, security training, and vulnerability scanning.
The group also provides support to the university's Office of Information Security (OIS), Department of Public Safety (DPS), Office of the General Counsel (OGC), and Office of Student Judicial Affairs (SJA) to assure compliance with federal, state, local, university, and other regulatory policies and laws related to information security and privacy.
Lau has over 15 years of experience in securing systems, networks, code, and information. Prior to his appointment as director of ITS systems security, Lau served as a senior security engineer for Savvis, a provider of IT services for large enterprises. While at Savvis, he was responsible for architecting service, network, and systems to conform to relevant regulations, such as the PCI data security standard and HIPAA. He helped form the first dedicated intrusion and detection response service for the company, participated in compliance reviews by external auditors, and worked with law enforcement agencies. Lau also served as the chief technology officer for DuMonde Solutions, a consulting firm specializing in PeopleSoft, Oracle, and SAP technologies. He has a Bachelor of Science in electrical engineering from USC.