Break Through the Buzzwords and Achieve Measurable Cybersecurity Results

Wednesday, May 15 | 9:15AM–10:15AM CT | Vevey 3, Second Floor Event Centre
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Every day we receive calls from a vendor promising to measure and assess our information security programs in higher education. They all promise that they know our business and use every security buzzword, but when they show up, they use a process or checklist that doesn't fit our needs. At Duquesne, our internal audit team leveraged the HEISC Information Security Maturity Assessment to baseline our program when it began. Hear how we cut through the buzzwords and got a real assessment on our information security program.

Outcomes: Get an overview of the HEISC assessment tool * Learn how to get management and stakeholder buy-in for a maturity assessment * Apply our lessons learned using the maturity assessment * Learn how to obtain independence using internal audit resources * Build an action plan and continual improvement roadmap


  • Daniel Desko

    Shareholder, Schneider Downs & Co. Inc.
  • Tom Dugas

    Assistant Vice President and Chief Information Sec, Duquesne University

Resources & Downloads

  • SPC19Break Through the Buzzwords and Achieve Measurable Cybersecurity Results

    Updated on 11/19/2022