Sandy Silk


Sandy Silk is the Director of IT Security Education and Consulting at Harvard University, founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for the MS in Information Security Leadership at Brandeis University. With more than 20 years of experience in both information security and adult education, she excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. At Harvard, Sandy leads a team that consult with researchers, faculty, and departments on security risks and controls for the data, technology, and vendors they use within projects. She also oversees the information security awareness campaign at Harvard, coordinates the annual policy review, and teaches Information Security Foundations for Harvard’s IT Academy. Sandy is involved in several Women in Technology (WIT) organizations and seeks opportunities to improve diversity, equity, and inclusion for under-represented populations within the IT profession. Sandy’s prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company. She has a bachelor's degree from Brandeis University, a master's degree from Harvard University, and a graduate certificate in Adult and Organizational Learning from Suffolk University.

EDUCAUSE Publications

  • April 2018: Spring Cleaning—Be Green, Not Blue
    • Blog

    This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View all 12 monthly blog posts with ready-made content by visiting our security awareness resource page.

  • May 2017: Step Up to Stronger Passwords
    • Blog

    This Campus Security Awareness Campaign 2017 post is one of twelve blogs with ready-made content designed to support information security professionals and IT communicators as they develop or enhance their security awareness campaigns. The May topic focuses on strong passwords, passphrases, and two-step verification.

EDUCAUSE Presentations