About HEISC

The Cybersecurity Program provides resources and events that are created by, and for, the higher ed information security, cybersecurity, and privacy communities.

The program is informed by our EDUCAUSE member-led Higher Education Information Security Council (HEISC), an organized, engaged, passionate, and experienced team of higher education information security and privacy professionals.

HEISC helps higher ed institutions improve information security governance, compliance, data protection, and privacy programs. Established in July 2000 to provide coordination for higher education, HEISC accomplishes its work through volunteer groups supported by EDUCAUSE staff, as well as collaborations with other organizations that address information security and privacy in higher education.

HEISC members develop and promote information security leadership, awareness, and understanding; effective practices and policies; and guidance for the protection of critical data, IT assets, and infrastructures. Read the HEISC charter for more information.


Major Areas of Focus


HEISC Advisory Committee

The HEISC Advisory Committee is responsible for ensuring progress in meeting the strategic priorities of the council. To accomplish this, the committee creates and monitors working groups and sponsors other activities, annually reviews the strategic priorities to see if changes are needed, and annually sets objectives for the working groups that will produce tangible outcomes furthering the goals of the council.


  • Jon Allen

    Jon Allen
    Associate Vice President CIO & CISO, Baylor University
    HECVAT Users Community Group Co-Chair
  • Charlie Escue

    Charlie Escue
    Extended Information Security Manager, Indiana University
    HECVAT Users Community Group Co-Chair
  • Scott Fendley

    Scott Fendley
    Information Security Engineer/Architect, University of Alabama at Birmingham
    Technologies, Operations, and Practices Community Group Co-Chair
  • Susan Grajek

    Susan Grajek
    Vice President, Communities and Research, EDUCAUSE
    EDUCAUSE Staff Liaison
  • Todd Herring

    Todd Herring
    Membership Services Director, REN-ISAC
    REN-ISAC Liaison
  • Sherry Horeanopoulos

    Sherry Horeanopoulos
    Information Security Officer, Fitchburg State University
    Awareness and Training Community Group Co-Chair
  • Leo Howell

    Leo Howell
    Chief Information Security Officer, University of Oregon
    Governance, Risk, and Compliance Community Group Co-Chair
  • Jodi Ito

    Jodi Ito
    Chief Information Security Officer, University of Hawaii
    HEISC Chair
  • Micki Jernigan

    Micki Jernigan
    Enterprise Privacy Officer, Augusta University
    Higher Education Chief Privacy Officers Community Group Co-Chair
  • Brian Kelly

    Brian Kelly
    Director of the Cybersecurity Program, EDUCAUSE
    EDUCAUSE Staff Liaison
  • Nick Lewis

    Nick Lewis
    Program Manager for Security and Identity, Internet2
    Internet2 Liaison
  • Kim Milford

    Kim Milford
    REN-ISAC Executive Director, Indiana University
    REN-ISAC Liaison
  • Blake Penn

    Blake Penn
    Information Security Policy & Compliance Manager, Georgia Institute of Technology
    Governance, Risk, and Compliance Community Group Co-Chair
  • Ken Ries

    Ken Ries
    Chief Information Security Officer, University of Wisconsin-River Falls
    Awareness and Training Community Group Co-Chair
  • Moeen Taj

    Moeen Taj
    Manager, Enterprise Applications, Montgomery College
    Technologies, Operations, and Practices Community Group Co-Chair
  • Ashley Valentijn

    Ashley Valentijn
    Security Engineer, University of Miami
    2022 Security Professionals Conference Program Committee Chair (and 2021 Vice Chair)
  • Kent Wada

    Kent Wada
    Chief Privacy Officer and Director, Policy and Privacy, UCLA
    Higher Education Chief Privacy Officers Community Group Co-Chair
  • Ann West

    Ann West
    Associate Vice President, Trust and Identity, Internet2
    Internet2/InCommon Liaison