About HEISC
The Cybersecurity Program provides resources and events that are created by, and for, the higher ed information security, cybersecurity, and privacy communities.
The program is informed by our EDUCAUSE member-led Higher Education Information Security Council (HEISC), an organized, engaged, passionate, and experienced team of higher education information security and privacy professionals.
HEISC helps higher ed institutions improve information security governance, compliance, data protection, and privacy programs. Established in July 2000 to provide coordination for higher education, HEISC accomplishes its work through volunteer groups supported by EDUCAUSE staff, as well as collaborations with other organizations that address information security and privacy in higher education.
HEISC members develop and promote information security leadership, awareness, and understanding; effective practices and policies; and guidance for the protection of critical data, IT assets, and infrastructures. Read the HEISC charter for more information.
Major Areas of Focus
- Coordinate the Security Professionals Conference and other professional learning events.
- Revise and refine the Information Security Guide, which provides effective practices and timely guidance on hot topics for colleges and universities.
- Develop and promote tools to help campuses improve their cybersecurity and privacy programs.
- Foster communication and networking within the community.
- Provide cybersecurity and privacy expertise on issues of public policy affecting higher education.
HEISC Advisory Committee
The HEISC Advisory Committee is responsible for ensuring progress in meeting the strategic priorities of the council. To accomplish this, the committee creates and monitors working groups and sponsors other activities, annually reviews the strategic priorities to see if changes are needed, and annually sets objectives for the working groups that will produce tangible outcomes furthering the goals of the council.
-
Jon Allen
Associate Vice President CIO & CISO, Baylor University
HECVAT Users Community Group Co-Chair -
Charlie Escue
Extended Information Security Manager, Indiana University
HECVAT Users Community Group Co-Chair -
Scott Fendley
Information Security Engineer/Architect, University of Alabama at Birmingham
Technologies, Operations, and Practices Community Group Co-Chair -
Susan Grajek
Vice President, Communities and Research, EDUCAUSE
EDUCAUSE Staff Liaison 
Todd Herring
Membership Services Director, REN-ISAC
REN-ISAC Liaison
Sherry Horeanopoulos
Information Security Officer, Fitchburg State University
Awareness and Training Community Group Co-Chair
Leo Howell
Chief Information Security Officer, University of Oregon
Governance, Risk, and Compliance Community Group Co-Chair
Jodi Ito
Chief Information Security Officer, University of Hawaii
HEISC Chair
Micki Jernigan
Enterprise Privacy Officer, Augusta University
Higher Education Chief Privacy Officers Community Group Co-Chair
Brian Kelly
Director of the Cybersecurity Program, EDUCAUSE
EDUCAUSE Staff Liaison
Nick Lewis
Program Manager for Security and Identity, Internet2
Internet2 Liaison
Kim Milford
REN-ISAC Executive Director, Indiana University
REN-ISAC Liaison
Blake Penn
Information Security Policy & Compliance Manager, Georgia Institute of Technology
Governance, Risk, and Compliance Community Group Co-Chair-
Ken Ries
Chief Information Security Officer, University of Wisconsin-River Falls
Awareness and Training Community Group Co-Chair 
Moeen Taj
Manager, Enterprise Applications, Montgomery College
Technologies, Operations, and Practices Community Group Co-Chair
Ashley Valentijn
Security Engineer, University of Miami
2022 Security Professionals Conference Program Committee Chair (and 2021 Vice Chair)
Kent Wada
Chief Privacy Officer and Director, Policy and Privacy, UCLA
Higher Education Chief Privacy Officers Community Group Co-Chair
Ann West
Associate Vice President, Trust and Identity, Internet2
Internet2/InCommon Liaison
Thank You to Our Cybersecurity Program Supporting Partners
