Batten Down the Hatches: CISOs and CROs Talk Risk

Wednesday, April 11 | 1:00PM–2:00PM ET | Maryland Ballroom F, Fifth Floor
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Information security departments have implemented some of the most sophisticated risk management practices in higher education today. How do these sophisticated practices within the IT department feed up into an institution's overall enterprise risk management (ERM) program? How is ERM different from information security risk management? What's in it for IT and the information security department to participate in institutional ERM programs? This session will bring institutional chief information security officers and chief risk officers together to explore how institutional ERM programs work and how the CISO can be a partner in the institution's ERM program.

Outcomes: Learn about ERM implementations in higher education * Learn how information security risk management activities can inform ERM programs * Consider ways CISOs can partner with CROs to add value and ensure appropriate attention is given to key information security risks


  • Joanna Grama

    Vice President, Vantage Technology Consulting Group
  • Andrew Korty

    CISO, Indiana University
  • Merri Beth Lavagnino

  • Mary Meyer

  • Renee Peters

    Director of Security and Technology Services, Northeast Community College

Resources & Downloads

  • GramaCISOCROTalk Risk4112018

    1 MB, pdf - Updated on 10/25/2018