At the surface, being a CISO in Higher Education is very similar to any industry vertical but the opportunities, challenges, and impacts are significantly more complex. Many consider HE to be behind in security practices. While it is true that HE doesn't buy a lot of security tools, we are on the leading edge of focusing on mitigating security risks at the level the institution truly needs. Also, our community requires support for accessibility, gender-identity, and general identity access management that is far above what most technologies can handle. All this leads to a CISO needing to be creative, flexible, and thoughtful to best lead their programs.
As Director Information Security/CISO for Tufts University, Lorna Koppel’s key responsibilities include assessing and managing the security risks to the university and the overall operating security for their diverse environment, including development and implementation of security policies, data stewardship and compliance activities, technology and architecture standards, and operational detection and response activities. Previously, Lorna held various security leadership positions at Iron Mountain, Kohler Co., BT Infonet Services Corp., CSC, and Meso Inc., and served in the USAF Weather Service. Lorna holds a B.S. in Physics from Bowling Green State University and a B.S. in Meteorology from The Pennsylvania State University. She then went on to receive her Master of Science in Atmospheric Science from the University of Albany.
