Strategic CIO Improves Information Security Governance Planning With Info-Tech Guidance

Leveraging a trusted partner

Kelly Walsh, the CIO and CISO at The College of Westchester in White Plains, New York, and the founder of EmergingEdTech.com, has worked as an information technology manager for more than 30 years. In 2008 he joined The College of Westchester. Over the years, Walsh enhanced the effectiveness of the IT department by delivering strategic IT plans and effective technology implementations. Since 2016, Walsh has used Info-Tech Research Group to help him deliver frameworks and walk through Guided Implementations to meet the evolving needs of IT within the higher education industry.

Walsh leverages Info-Tech often through a series of analyst engagements covering a range of topics. The analysts offer him guidance in areas including strategic planning, cybersecurity governance, vendor security assessment, and security incident response planning. Walsh has access to world-class research and analysis at his fingertips to help guide his decisions and technology implementations. “With a limited budget, the analyst team at Info-Tech offers exactly what I need, delivering frameworks and blueprints, meeting all deadlines and exceeding expectations,” said Walsh.

In addition, Walsh leverages the CIO Business Vision Diagnostic, a high-impact program that provides detailed report cards on business satisfaction with IT’s core services. This diagnostic helps Walsh receive consistent stakeholder feedback to continually improve by addressing gaps and opportunities.

Developing a formal security governance framework

Every year, colleges and universities such as The College of Westchester participate in federal grant and loan funding programs and must complete an annual audit that assesses the responsible use of those funds. Several years ago, the US Department of Education informed the higher education community that the annual auditing process would be expanded to include a closer look at information security governance. This spurred Walsh and his team to develop a more formal cybersecurity governance framework to better prepare for this eventuality while also shoring up protections against a growing threat landscape. “As an IT team within a higher education institution, we are always juggling different priorities while managing limited budgets. When we knew the college’s information security governance might be audited more deeply than before, I knew proactive assessment and planning would play a critical role,” said Walsh.

With a limited budget, Walsh could not hire a full team to lead the initiative. Instead, he turned to Info-Tech to help him through the planning and execution of key steps, technology implementations, and a framework based on mature measures.

“As an IT team within a higher education institution, we are always juggling different priorities while managing limited budgets. When we knew the college’s information security governance might be audited more deeply than before, I knew proactive assessment and planning would play a critical role.”

– Kelly Walsh, CIO & CISO, The College of Westchester

A robust information security governance framework helps better protect institutional data and student privacy

Using Info-Tech’s IT governance framework, Walsh was able to assess the department’s strengths, prioritize efforts, and improve core processes. This enabled Walsh to build a robust IT strategy, including an information security governance framework. Also, by clearly showing that the institution is protected against potential security threats, Walsh was able to further demonstrate accountability.

Info-Tech’s analysts helped Walsh develop the IT strategic plan and security governance framework with visual templates, analyst calls, and detailed research blueprints. “In lieu of a team dedicated to our information security governance plan to be prepared in time for our assessment, I needed a trusted partner. Info-Tech’s partnership proved invaluable,” said Walsh.

By delivering a progressive and robust IT strategic plan and an information security governance framework that helped demonstrate the institution’s responsibility in protecting its data and student information, Walsh was able to elevate IT’s value to the executive cabinet. His efforts positioned the college to undergo deeper levels of cybersecurity governance auditing. Through this process, Walsh and his team also helped ensure a resilient institution that is not only prepared for today but is also ahead of the game in planning for any unforeseen incidents – earning the trust of employees, students, and the executive team.