For new information security leaders (or those new to higher ed), it can be daunting to start a brand-new information security program at a college or university. One CISO provides some advice for those looking to create a collaborative program with campus-wide support .
BiographyTammy has been actively involved in working to further effective IT and information security practices in higher education for over 15 years. She is presently the chief information officer at the University of Tampa and is a member of the president's executive cabinet. She also serves as the institution's chief information security officer. Tammy manages three areas under the umbrella of the Information Technology & Security organization at UT: Enterprise Software and Business Solutions, Information Technology, and Information Security.
She is passionate in her desire to effectively partner with business and academic leaders across the academy to help them take advantage of disruptive technologies and innovative solutions that provide a competitive advantage in achieving strategic goals and objectives. In her role as CISO, she has implemented an ISO 27001 certified information security program at the university that includes an academic area in addition to business and technology units.
Tammy earned an MS in information systems and technology management, with a concentration in project management from Capella University, a BS in accounting and BA in management information systems from California State University, and holds numerous industry certifications.
This report provides insight into the evolving CISO position—an understanding of which is critical to ensuring the strategic success of information security leaders in higher education.
Educating your institution's governing board about information security gives them a clearer picture of organizational cybersecurity challenges and the potential costs to your institution of failing to manage cyber threats and risks.
EDUCAUSE 2016 Program Committee
ECAR/HEISC Information Security Leadership Working Group
EDUCAUSE 2014 Program Committee
EDUCAUSE 2013 Program Committee
HEISC Governance, Risk, and Compliance Working Group