��ɫ��Ƶ

Cybersecurity threats and academic freedom were top of mind during Provost Ann Stevens’ first address to the Boulder Faculty Assembly (BFA) on Nov. 6.

“I want to thank all of you for what you do all the time as faculty members but also for your participation in this group,” Stevens began, adding, “Shared governance and participation (at ��ɫ��Ƶ) is very healthy and that’s really good to see, and I think the relationships are strong, and I’m looking forward to continuing that.”

Provost and Executive Vice Chancellor for Academic Affairs Ann Stevens

��

��

Stevens also reaffirmed the institution’s commitment, as well as her own, to academic freedom, despite various, continued threats.

“You are here because we believe in your expertise in your area of scholarship, creativity, research, as well as teaching, and we want you to be able to continue to pursue that,” said Stevens. “We do not want any perceived threat or chilling effect to make you change that, shy away from that expertise, and we want to provide resources if you are feeling threatened in some way.”

One such resource that was highlighted was the��Scholarship and Safety webpage, which outlines, step-by-step, how to deal with any targeted harassment faculty, staff or students might receive while doing their academic work.

In addition to briefly touching on conversations around faculty compensation, which were discussed more in depth during the��October BFA meeting, Stevens highlighted ongoing concerns about academic freedom when it comes to cybersecurity.��

While not diminishing these concerns, she added, “If we neglect our cybersecurity needs, that can, with one breach, shut down your ability to do that work; so that is the very challenging balance we have to keep.”

“We all support academic freedom—my office, the campus and also OIT. We are all in support of that, and we remain fully committed.”

Update from the IT Security Working Group

The IT Security Working Group was formed at the end of the spring 2025 semester in response to concerns among faculty about new cybersecurity policies the university was rolling out—in particular, concerns about privacy and academic freedom.��

The group worked all summer to draft a preliminary report, which was introduced to Stevens on Aug. 1. A final version was then pulled together and given to BFA leadership.

Co-chairs Jed Brown (computer science) and Markus Pflaum (mathematics) and committee member Valerie Otero (education) presented the findings of their report (available on the BFA website), including their concerns, as well as offering a few possible solutions that they’d like the university to consider. These potential solutions include establishing a data use and disclosure policy and a rebuild of the technical capacity for in-house solutions.

“I hope everyone takes a look at the report,” said Otero.

Vice Chancellor for IT Marin Stanek also attended the meeting. She highlighted what the university is doing to protect scholarship, including how the Office of Information Technology (OIT) is working with researchers to implement security updates within the particular parameters of researcher needs, while also specifying OIT knows that “one size for security standards does not fit all.”

Stanek acknowledged concerns that faculty were not part of the process for developing these new security measures and has been trying to include faculty input going forward.

“We are listening. I am listening. I think about this every day, and it matters, and I hear what you’re saying,” Stanek stressed. “I believe all of you are experts, but we do have (IT security) gaps, and that’s where we need to close our gaps. I welcome the conversation to figure that out.”

In other BFA action��

• BFA Chair Alastair Norcross gave an update from the most recent CU Faculty Council meeting, which included substantial discussion regarding the mutual defense pact resolution approved by BFA in October.
• The BFA introduced three notices of motions to discuss and vote on in December. These included an amendment to the BFA bylaws to change the frequency of the meetings in response to the new academic calendar; a resolution to reject loyalty oaths, which was drafted in response to the conversation about the mutual defense pact at CU Faculty Council; and a resolution against surveillance in the name of security, which was introduced in response to the final IT Security Working Group report.

Learn more about the BFA and previous actions on��the BFA website.