Wednesday, April 11 | 1:00PM–2:00PM ET | Maryland Ballroom F, Fifth Floor
Information security departments have implemented some of the most sophisticated risk management practices in higher education today. How do these sophisticated practices within the IT department feed up into an institution's overall enterprise risk management (ERM) program? How is ERM different from information security risk management? What's in it for IT and the information security department to participate in institutional ERM programs? This session will bring institutional chief information security officers and chief risk officers together to explore how institutional ERM programs work and how the CISO can be a partner in the institution's ERM program.
Outcomes: Learn about ERM implementations in higher education * Learn how information security risk management activities can inform ERM programs * Consider ways CISOs can partner with CROs to add value and ensure appropriate attention is given to key information security risks
Vice President, Vantage Technology Consulting Group
CISO, Indiana University
Merri Beth Lavagnino
CIPT, CCEP, CIPP/US
Director of Security and Technology Services, Northeast Community College