Cybersecurity and Privacy Perspectives on the EDUCAUSE 2023 Top 10 IT Issues
EDUCAUSE community members offer cybersecurity and privacy perspectives on the 2023 Top 10 IT Issues.
Jay has spent a 35-year career in Higher Ed IT, with experience in desktop support and management, application support, networking, and virtualization. IT security has been a focal point throughout his career.
In 2018 he joined the Duke University IT Security Office where he is a Risk Advisor, Jay focuses on Risk and Compliance issues. In the role of a consultant, he works with researchers to understand their workloads so that he can explain what is necessary for compliance with regulatory requirements like NIST SP 800-171. He also stays abreast of changes in the research regulation space to keep others up to date regarding their potential impact on the university.
Additionally, his responsibilities include vendor security risk assessments, and outreach activities for the campus.
Jay was one of the initial group leaders for the EDUCAISE HEISC 800-171 Compliance Community Group and an active member of the Regulated Research Community of Practice.
In May 2023 he was a workshop leader for the Regulated Research Community of Practice 1 Day SSP Workshop and in 2020-21 was on the steering committee for The CUI Workshop Series sponsored by Purdue.
He is currently on the program committee for CPPC 25
EDUCAUSE community members offer cybersecurity and privacy perspectives on the 2023 Top 10 IT Issues.
This overview provides a review of the timeline that introduced NIST SP 800-171 "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations" as a compliance framework, an overview of the control families for the 110 controls and a discussion of the impacts and concerns for higher education.
In this toolkit, you will find an overview of NIST SP 800-171 and its implications for higher education, questions to ask during project planning, 7 Things You Should Know About CMMC to use when speaking with stakeholders and leadership, and a customizable control evaluation.
EDUCAUSE | Member |