A picture of what university IT is like
I've written before about how university IT is peculiar and convoluted. Now, courtesy of the UC Berkeley Campuswide Information Strategic Plan 2004-2005, comes a lovely description of this complicated environment: its Campus IT Plan: Critical issue 5: Governance, funding, structure section. (Other sections of the report are also interesting; I've got some reading to do.)
I'm pretty sure you could reuse that section more or less as-is to describe the University of Toronto. And probably most (or every) decent-sized university, because the forces operating on all of us are pretty much the same no matter where you are.
(Some of the forces, such as splintering of budgets and local IT becoming just one part of a group's larger budget, probably also apply to companies too.)
A sort of additional discussion of these issues is where I found the link, in Behind UC Berkeley's network. (The hat tip for that link goes to Slashdot.)
Network security for universities is one of those convoluted and politically charged issues, partly because a lot of people are going to rationally see security as an overhead that they'd like to trim out of their budget if at all possible. (And let's face it; security is an overhead.)