12 Months of Ready-Made Security Awareness Communications You Can Use in 2017

Use our Annual Campus Security Awareness Campaign materials to create a steady stream of privacy and security awareness info & helpful resources for students faculty & staff. Content can be adapted for your institution's needs, whether you promote topics monthly or quarterly.

HEISC Mission

The Higher Education Information Security Council (HEISC) was established in July 2000 to provide coordination for the higher education sector. The HEISC mission is to support higher education institutions as they improve information security governance, compliance, data protection, and privacy programs. HEISC accomplishes this work through volunteer groups supported by professional EDUCAUSE staff, as well as collaborations with other organizations that address information security and privacy in higher education. HEISC actively develops and promotes information security leadership, awareness, and understanding; effective practices and policies; and guidance for the protection of critical data, IT assets, and infrastructures. Read the HEISC charter for more information.

2017 Strategic Priorities

  • Advance Information Security Strategies in Higher Education
  • Continue to Build the Information Security Profession
  • Strengthen Foundations

Major Areas of Focus

HEISC Advisory Committee

The HEISC Advisory Committee is responsible for ensuring progress in meeting the strategic priorities of the council. To accomplish this, it creates and monitors working groups and sponsors other activities, annually reviews the strategic priorities to see if changes are needed, and annually sets objectives for the working groups that will produce tangible outcomes furthering the goals of the council.

EDUCAUSE engages the HEISC Advisory Committee on a regular basis to identify and obtain the resources needed to accomplish the goals of the council, including recruiting human resources; developing and implementing strategies to engage higher education institutional leadership, association executive leadership, and corporate leadership in furthering the goals of the council; ensuring effective communication and collaboration with Internet2 and REN-ISAC working groups; and periodically assessing the functioning of the council and, when appropriate, overseeing the change process.

  • Lanita Collette, Chief Information Security Officer, The University of Arizona
    2017 Security Professionals Conference Program Committee Chair
  • Matthew Dalton, Chief Information Security Officer, University of Massachusetts Amherst
    Governance, Risk, & Compliance Working Group Co-Chair
  • Susan Grajek, Vice President, Communities and Research, EDUCAUSE
    EDUCAUSE Staff Liaison
  • Joanna Lyn Grama, Director of Cybersecurity and IT GRC Programs, EDUCAUSE
    EDUCAUSE Staff Liaison
  • Bob Henry, Senior Information Security Analyst, Oregon State University
    Technologies, Operations, and Practices Working Group Co-Chair
  • Lisa Ho, Campus Privacy Officer, University of California, Berkeley
    Higher Education Chief Privacy Officers Working Group Co-Chair
  • Brian Kelly, Chief Information Security Officer, Quinnipiac University
    2018 Security Professionals Conference Program Committee Chair (and 2017 Vice Chair)
  • Carlos Lobato, IT Compliance Officer, New Mexico State University
    Information Security Guide Editorial Board Co-Chair
  • Kim Milford, REN-ISAC Executive Director, Indiana University
    REN-ISAC Liaison
  • Sharon Pitt, CIO and AVP of IT, Binghamton University
    HEISC Co-Chair
  • Scott Schafer, University Privacy Officer, University of Pennsylvania
    Higher Education Chief Privacy Officers Working Group Co-Chair
  • Sandy Silk, Director, IT Security Education & Consulting, Harvard University
    Awareness & Training Working Group Co-Chair
  • Tom Siu, Chief Information Security Officer, Case Western Reserve University
    Technologies, Operations, and Practices Working Group Co-Chair
  • Adam Vedra, Associate Director of IT and CISO, Calvin College
    Governance, Risk, & Compliance Working Group Co-Chair
  • Valerie M. Vogel, Senior Manager, Cybersecurity Program, EDUCAUSE
    Staff Liaison
  • Eric Weakland, Director, Information Security, American University
    Awareness & Training Working Group Co-Chair
  • Jim Webb, Chief Information Security Officer, Appalachian State University
    Information Security Guide Editorial Board Co-Chair
  • Ann West, Associate Vice President, Trust and Identity, Internet2
    Internet2/InCommon Liaison
  • Melissa Woo, Vice President for IT and CIO, Stony Brook University
    HEISC Co-Chair
  • Steve Zoppi, Vice President, Internet2
    Internet2 Liaison

HEISC Working Groups

HEISC has established a number of working groups and committees to pursue projects and initiatives that are part of a coordinated strategy for higher education. Engage with the council to help improve information security in higher education–consider volunteering for a working group. You can learn more about each working group, review our HEISC Working Group Membership Guidelines, or contact us for more information.

EDUCAUSE recognizes that participation in HEISC activities and projects may be considered continuing professional education (CPE) credit-earning activities for a number of industry security certifications (e.g., CISSP, CRISC, CISM, CIPP, etc.). To that end, the EDUCAUSE Cybersecurity Initiative has developed the following principles to help volunteers claim CPE credit related to their HEISC participation. Read more about HEISC volunteer CPE guidelines.

HEISC Partnerships


Get Involved with HEISC

Volunteer to write an article or guest blog, serve on a working group, or join the Security Professionals Conference program committee.

Learn More


Joanna Grama
Joanna Grama
Director of Cybersecurity and IT GRC Programs

Valerie Vogel
Valerie Vogel
Senior Manager, Cybersecurity Program

Want to Learn More?

For general information about HEISC or the EDUCAUSE Cybersecurity Initiative, please contact us at security-council@educause.edu.