Section Navigation



Bates helps lead efforts to protect higher education data and improve information security

BOONE—Protecting the integrity of student, institutional and research data has been a priority for Cathy Bates for more than 20 years.

View larger image

Bates is associate vice chancellor and chief information officer (CIO) at Appalachian State University and a long-time member and contributor to EDUCAUSE, a nonprofit association whose mission is to advance higher education through the use of information technology. She also is a member of EDUCAUSE’s affiliated organization, the Higher Education Information Security Council.

“We are entrusted with very confidential data that we need to be sure we pay attention to,” she said of her work at Appalachian as well as that of other CIOs at universities and colleges across the nation.

Established in July 2000, the Higher Education Information Security Council (HEISC) improves information security, data protection and privacy programs through its working groups of volunteers and professional EDUCAUSE staff that coordinate activities and collaborate with partners from government, industry, and other academic organizations. HEISC was formed by EDUCASE and Internet2, a community of U.S. and international leaders in research, academia, industry and government.

Through the annual Security Professionals Conference and other EDUCAUSE conferences and websites, HEISC actively develops and promotes leadership; awareness and understanding; effective practices and policies; and solutions for the protection of critical data, IT assets and infrastructures.

Currently, Bates is a member of the HEISC leadership team and program chair for the 2014 Security Professionals Conference to be held in St. Louis in April. In that capacity she leads a team of other information technology professionals who are reviewing and recommending content for the conference, as well as recommending the conference’s keynote speaker.

The Security Professionals Conference is the premier forum for connecting with higher education security and privacy professionals. More than 400 IT professionals representing more than 40 higher education institutions are expected to attend next year’s conference.

Bates became involved with EDUCAUSE and its Security Professional Conference while at Plymouth State University. Her involvement with the organization grew after she joined the University of Arizona as the university’s information security officer and was asked to review and select proposals for presentation at the conferences.

She later joined HEISC and became a member of the government, risk and compliance working group comprised of EDUCAUSE and Internet 2 members.

She also was asked to serve on the Security Professional’s Conference Committee. “They have several working groups that are involved in information security work that give back to the EDUCAUSE community. I was involved with governance risk and compliance and did some work to help develop a maturity assessment for high education information security programs, which was shared with other EDUCAUSE members,” Bates said.

That work led to serving as vice chair of the program committee for the organization’s 2013 Security Professionals Conference and her current role as chair of the conference committee, where she will help develop the organization’s strategic outlook for the coming year.

It’s the collaborative nature of HEISC and the Security Professional’s Conference that fueled Bates’ interest in a leadership position with the organization.

“Finding ways to network and work with other CIOs and security professionals on shared concerns is a vital resource for me,” said Bates. “Together we share our best ideas on how to address new trends, while protecting the wide variety of institutional data. We are able to share the kinds of things we are seeing on our campus and bring those issues and that viewpoint on what we need to work on together going forward,” she said.

###