What does the current cyber-threat landscape look like on college campuses? Cathy Hubbs, the chief information security officer at American University and a leading advocate of information security, policy and awareness programs in higher education, will visit the University of Virginia on July 25 to speak on the issue and discuss what universities can do to protect institutional data and improve information security programs.
Her talk, to begin at 1:30 p.m. in the Rotunda Dome Room, is the fifth event in a series offered by the University of Virginia’s Information Security, Policy, & Records Office that aims to promote cyber security awareness year-round. There will be a 15-minute Q&A period at the end of Hubb’s presentation. Her talk is free and open to the public and media.
“Because universities tend to be open, porous and decentralized – what might be called easy targets – hackers and thieves, nation-states and other malicious entities attack many times every day. They also use University accounts as proxies to hide their whereabouts while attacking other high-value targets,” said Karen McDowell, an information security officer.
Hubbs' visit comes at an important time for U.Va. and other universities concerned about information security, McDowell said.
Hubbs became American University’s first chief information security officer in 2007. She is responsible for shaping the university’s information security strategy, architecture and vision. She works with information technology, risk management, legal counsel and others to deliver security compliance and awareness programs, and to develop information security policies, procedures and standards.
Hubbs has also been active in developing American University’s Payment Card Industry Compliance program, which ensures that cardholder information delivered on electronic payment cards is kept secure. She routinely participates in organizations that focus on information security, such as EDUCAUSE, the Virginia Alliance for Secure Computing and Networking, and the Chief Security Officer Executive Network. In addition, she is a Certified Information Systems Security Professional, Certified Information Systems Auditor and Certified in the Governance of Enterprise IT.
-- Dana Cypress and Lauren Jones