Jodi Ito first joined the team at the University of Hawaii back in 1982 and has been serving as the Chief Information Security Officer (CISO) since 2000. This extensive tenure has given her a unique and in-depth understanding of the university’s IT environment and the various security threats it faces. In a recent interview with EdTech, she shared insights into the evolving landscape of information security and how teams can ensure continuity and security even amidst personnel transitions.
EDTECH: How did you transition into information security at the University of Hawaii?
ITO: My journey began in user support during the early ’80s, a time when punch cards and IBM mainframes were the norm. Starting as a computer science major, I took on a student help position at the Computing Center, engaging in programming tasks and assisting staff, researchers, and faculty with their programming needs.
Click here to explore how university leaders are navigating modern workspaces.
EDTECH: What inspired your transition into information security?
ITO: The advent of the internet brought about new security challenges and threats, such as the Morris worm, highlighting the vulnerabilities of networks. From distributed denial of service attacks to the current landscape of cyber threats, the internet has fundamentally changed the realm of security, data protection, and privacy.
EDTECH: What are the current threats in information security?
ITO: Concerns range from Ransomware as a Service to cyber attacks orchestrated by hostile nation-states targeting intellectual property. With the open nature of academic institutions fostering collaboration, security teams must navigate evolving threats to safeguard valuable data and research.
RELATED: Explore how universities are leveraging next-generation SIEM for enhanced cyber visibility.
EDTECH: How do you ensure continuity amidst personnel transitions within your team?
ITO: Succession planning is increasingly crucial in higher education, as veteran professionals retire, leaving knowledge gaps. Effective communication channels among team members and the broader university community are key to preserving institutional knowledge and addressing evolving security needs. Planning for the future involves fostering a collaborative culture and preparing for leadership transitions.
Initially a team of one, I expanded my team in response to security breaches, emphasizing the importance of communication and collaboration as the team grows. Succession planning differs from traditional professional development, focusing on sustaining team functionality in the absence of key members.
READ MORE: Stanford student Kyla Guru engages Gen Z in cybersecurity discussions.
EDTECH: How do you adapt your succession plan to reflect technological advancements and evolving threats?
ITO: Documentation plays a vital role in maintaining a relevant succession plan, ensuring continuity amid changing threats. As attackers enhance their tactics, security teams must also evolve, constantly reassessing strategies to stay ahead of emerging threats. This ongoing reflection and adaptation are essential in the dynamic landscape of information security.
