The sourcing of IT systems and services takes many shapes in higher education. Campus central IT organizations are increasingly responsible for the administration of enterprise systems and for the consolidation of operations into a single data center.
Cathy Hubbs has been leading information security programs in higher education since 2002. At American University, she is responsible for identifying areas of risk and shaping the University's information security strategy, architecture, and vision. She partners with IT, Risk Management, Legal Counsel, and campus stakeholders to discuss risk and options to limit liability. The information security program supports audit and compliance work; creates policy; and promotes security awareness. With the help of her able team, risk assessments are performed on new and existing services; vulnerability management tools are used to detect and notify; and in the event of a system compromise, investigative and consultative services are provided. She is an active volunteer in organizations that focus on the development of Security Professionals and is currently serving on the EDUCAUSE HEISC Leadership Team. She was American University's first Frye Leadership Institute Scholar in 2009, is a Certified Information Systems Security Professional (CISSP), and was awarded the Certified Information Systems Auditor (CISA) and Certified in the Governance of Enterprise IT (CGEIT) through ISACA.