About HEISC

The Cybersecurity Program provides resources and events that are created by, and for, the higher ed information security, cybersecurity, and privacy communities.

The program is informed by our EDUCAUSE member-led Higher Education Information Security Council (HEISC), an organized, engaged, passionate, and experienced team of higher education information security and privacy professionals.

HEISC helps higher ed institutions improve information security governance, compliance, data protection, and privacy programs. Established in July 2000 to provide coordination for higher education, HEISC accomplishes its work through volunteer groups supported by EDUCAUSE staff, as well as collaborations with other organizations that address information security and privacy in higher education.

HEISC members develop and promote information security leadership, awareness, and understanding; effective practices and policies; and guidance for the protection of critical data, IT assets, and infrastructures. Read the HEISC charter for more information.

Major Areas of Focus

• Coordinate the Security Professionals Conference and other professional learning events.
• Revise and refine the Information Security Guide, which provides effective practices and timely guidance on hot topics for colleges and universities.
• Develop and promote tools to help campuses improve their cybersecurity and privacy programs.
• Foster communication and networking within the community.
• Provide cybersecurity and privacy expertise on issues of public policy affecting higher education.

HEISC Advisory Committee

The HEISC Advisory Committee is responsible for ensuring progress in meeting the strategic priorities of the council. To accomplish this, the committee creates and monitors working groups and sponsors other activities, annually reviews the strategic priorities to see if changes are needed, and annually sets objectives for the working groups that will produce tangible outcomes furthering the goals of the council.

• 
  Jon Allen
  Associate Vice President CIO & CISO, Baylor University
  HECVAT Users Community Group Co-Chair
• 
  Nichole Arbino
  Communities Program Manager, EDUCAUSE
  EDUCAUSE Staff Liaison
• 
  Cristina Blanton
  Chief Privacy & Data Protection Officer, University of Texas System
  Higher Education Chief Privacy Officers Community Group Co-Chair
• 
  Patricia Clay
  Chief Information Officer, Hudson County Community College
  HEISC Co-Chair
• 
  Lanita Collette
  Deputy CIO, CISO, The University of Arizona
  HEISC Co-Chair
• 
  Kristen Dietiker
  Chief Information Security Officer, Santa Clara University
  Awareness and Education Community Group Co-Chair
• 
  Nadim El-Khoury
  Director, Networks, Systems, Infrastructure, and Information Security Officer, Springfield College
  800-171 Compliance Community Group Co-Chair
• 
  Charlie Escue
  Extended Information Security Manager, Indiana University
  HECVAT Users Community Group Co-Chair
• 
  Scott Fendley
  Information Security Engineer/Architect, University of Alabama at Birmingham
  Technologies, Operations, and Practices Community Group Co-Chair
• 
  Jay Gallman
  Security IT Analyst, Duke University
  800-171 Compliance Community Group Co-Chair
• 
  Susan Grajek
  Vice President, Communities and Research, EDUCAUSE
  EDUCAUSE Staff Liaison
• 
  Sean Hagan
  Chief Information Security Officer, University of Alaska Fairbanks
  Governance, Risk, and Compliance Community Group Co-Chair
• 
  Harry Hoffman
  AVP/CISO, Northeastern University
  800-171 Compliance Community Group Co-Chair
• 
  Jonathan Kimmitt
  Chief Information Security Officer, University of Tulsa
  Privacy Community Group Co-Chair
• Bryan Leber
  Vice President of Professional Services, Fischer Identity LLC
• 
  Nick Lewis
  Program Manager for Security and Identity, Internet2
  Internet2 Liaison
• 
  Kim Milford
  REN-ISAC Executive Director, Indiana University
  REN-ISAC Liaison
• 
  Ann Nagel
  University Privacy Officer, University of Washington
  Higher Education Chief Privacy Officers Community Group Co-Chair
• 
  Mark Napier
  Deputy Dir IT/ Chief Info Privacy and Security Officer, Indiana University Bloomington
  Awareness and Education Community Group Co-Chair
• 
  Joe Potchanant
  Director, Cybersecurity and Privacy Program, EDUCAUSE
  EDUCAUSE Staff Liaison
• 
  Peter Romness
  Cybersecurity Principal - Public Sector CTO Office, Cisco Systems, Inc.
• 
  Masood Sidiqyar
  Sr. Director, Information Security, Vanderbilt University
  Governance, Risk, and Compliance Community Group Co-Chair
• 
  Svetla Sytch
  Assistant Director of Privacy and IT Policy, University of Michigan-Ann Arbor
  Privacy Community Group Co-Chair
• 
  Andrew Weisskopf
  Chief Information Security Officer, University of Delaware
  Cybersecurity and Privacy Professionals Conference Program Committee Chair
• 
  Ann West
  Associate Vice President, Trust and Identity, Internet2
  Internet2/InCommon Liaison
• 
  Christine Whalley
  Chief Information Security Officer, Amherst College
  Cybersecurity and Privacy Professionals Conference Program Committee Vice Chair