Main Nav

The Higher Education Information Security Council (HEISC) supports higher education institutions as they improve information security governance, compliance, data protection, and privacy programs. HEISC is a volunteer effort open to all higher education information security, privacy, and other IT professionals. Learn more >

Programs and Resources

Information Security Guide

A key publication for the higher education security community, maintained by volunteers.

Information Security Program Assessment Tool

Evaluate the maturity of your information security program using this assessment tool created by HEISC volunteers

New to the CISO Role?

The Toolkit for New CISOs provides recommended resources for those new to their role in higher education.

News and Events

Improving Authentication Security

This webinar recording features three organizations working to improve the security of identities and authentication, including promoting and expanding multifactor authentication and cybersecurity...

Top 10 IT Issues: Information Security

Find out which of the top IT issues will have the biggest impact on information security.

The Power of Privacy

Watch the recording of "The Power of Privacy and the Passion to Build Something Better," a free EDUCAUSE Live! webinar with guest speaker Michelle Dennedy. 

Cybersecurity Bills Passed

Congress passed four cybersecurity bills seen as major steps for cybersecurity, representing the first substantial cybersecurity reforms approved by...

IT Governance, Risk, and Compliance

Get the data you need to make informed decisions about IT GRC with this new ECAR report.

Data Breaches in Higher Education

This publicly accessible ECAR report compares higher education to other sectors to help you assess risk.

Security Professionals Conference

The annual Security Professionals Conference is the premier forum for connecting information security professionals, security analysts, IT staff, privacy officers, C-level executives, and others from across the higher education community. Submit a proposal for Security 2015 and plan to join us: May 4–6 in Minneapolis, MN and online. Learn more.


Get Involved with HEISC

Get Involved with HEISCVolunteer to write an article or guest blog or serve on a working group or program committee. We're always searching for innovative practices and projects from the community, so please share your ideas with us. Consider connecting with the HEISC community today and make an impact within your profession. Learn More >

Join the Conversation

Security professionals discuss the latest topics and questions in cybersecurity and privacy. Join the group.>

HEISC on Twitter

Discover the Three Pillars of HEISC


The HEISC Awareness and Training working group shares information that helps security professionals raise IT security awareness on campus with students, staff, faculty, and executives.


The HEISC Governance, Risk, and Compliance working group provides resources on IT security processes, especially as they relate to governance, risk, privacy, policies, legal issues, and compliance.


The HEISC Technologies, Operations, and Practices working group focuses on identifying and promoting tools, procedures, and practical solutions that help campuses prevent or respond to security issues.