About HEISC

The Cybersecurity Program is led by the Higher Education Information Security Council (HEISC), whose mission is to support higher education institutions as they improve information security governance, compliance, data protection, and privacy programs.

Established in July 2000 to provide coordination for higher education, HEISC accomplishes its work through volunteer groups supported by EDUCAUSE staff, as well as collaborations with other organizations that address information security and privacy in higher education.

HEISC develops and promotes information security leadership, awareness, and understanding; effective practices and policies; and guidance for the protection of critical data, IT assets, and infrastructures. Read the HEISC charter for more information.

2017 Strategic Priorities

  • Advance Information Security Strategies in Higher Education
  • Continue to Build the Information Security Profession
  • Strengthen Foundations

Major Areas of Focus

HEISC Advisory Committee

The HEISC Advisory Committee is responsible for ensuring progress in meeting the strategic priorities of the council. To accomplish this, it creates and monitors working groups and sponsors other activities, annually reviews the strategic priorities to see if changes are needed, and annually sets objectives for the working groups that will produce tangible outcomes furthering the goals of the council.

  • Michael Corn, Chief Information Security Officer, University of California, San Diego
    HEISC Co-Chair
  • Matthew Dalton, Chief Information Security Officer, University of Massachusetts Amherst
    Governance, Risk, and Compliance Working Group Co-Chair
  • Susan Grajek, Vice President, Communities and Research, EDUCAUSE
    EDUCAUSE Staff Liaison
  • Joanna Lyn Grama, Director of Cybersecurity and IT GRC Programs, EDUCAUSE
    EDUCAUSE Staff Liaison
  • Bob Henry, Senior Information Security Analyst, Oregon State University
    Technologies, Operations, and Practices Working Group Co-Chair
  • Todd Herring, Membership Services Director, REN-ISAC
    REN-ISAC Liaison
  • Lisa Ho, Campus Privacy Officer, University of California, Berkeley
    Higher Education Chief Privacy Officers Working Group Co-Chair
  • Brian Kelly, Chief Information Security Officer, Quinnipiac University
    2018 Security Professionals Conference Program Committee Chair
  • Nick Lewis, Program Manager for Security and Identity, Internet2
    Internet2 Liaison
  • Carlos Lobato, IT Compliance Officer, New Mexico State University
    Information Security Guide Editorial Board Co-Chair
  • Kim Milford, REN-ISAC Executive Director, Indiana University
    REN-ISAC Liaison
  • Sharon Pitt, CIO and AVP of IT, Binghamton University
    HEISC Co-Chair
  • Jacqueline Pitter, Network Administrator/Security Officer, Reed College
    2019 Security Professionals Conference Program Committee Chair (and 2018 Vice Chair)
  • Scott Schafer, University Privacy Officer, University of Pennsylvania
    Higher Education Chief Privacy Officers Working Group Co-Chair
  • Sandy Silk, Director, IT Security Education & Consulting, Harvard University
    Awareness and Training Working Group Co-Chair
  • Tom Siu, Chief Information Security Officer, Case Western Reserve University
    Technologies, Operations, and Practices Working Group Co-Chair
  • Adam Vedra, Associate Director of IT and CISO, Calvin College
    Governance, Risk, and Compliance Working Group Co-Chair
  • Valerie M. Vogel, Senior Manager, Cybersecurity Program, EDUCAUSE
    Staff Liaison
  • Eric Weakland, Director, Information Security, American University
    Awareness and Training Working Group Co-Chair
  • Jim Webb, Chief Information Security Officer, Appalachian State University
    Information Security Guide Editorial Board Co-Chair
  • Ann West, Associate Vice President, Trust and Identity, Internet2
    Internet2/InCommon Liaison

Meet the Cybersecurity Program Staff