Never Waste a Crisis: Funding an Information Security Program into the Future

Wednesday, May 06 | 9:00AM–10:00AM | Conrad A, Second Floor
Session Type: Professional Development
Panelists from schools both large and small, public and private will candidly discuss what has succeeded and what has failed in their efforts to fund an information security program. Surveys regarding IT security budgets for a variety of industries indicate the security budget is between 2% and 5% of the total IT budget. EDUCAUSE surveys find that the sweet spot in higher education averages 3% of the total IT budget. This value varies considerably and obtaining the necessary funding to maintain and grow a security program requires deft skills at "selling up" the value of security to leadership.

OUTCOMES: Understand the fragility of information security budgets * Learn about a variety of ways to sustain an information security budget * Understand what metrics sell the value of security to university leadership


  • Paul Howell

    Chief Cyberinfrastructure Security Officer, Internet2
  • Kees Leune

    Assistant Professor, Adelphi University
  • Randy Marchany

    University IT Security Officer, Virginia Tech
  • Dave Nevin

    Asst Professor, Practice | Director Oregon Research & Teaching SOC, Oregon State University
  • Doug Ooley

    CISO and Director ITGRC, Boise State University