University hosts UT System Chief Information Security Officers
(Photo by UTHealth Houston)
The Chief Information Security Officer Council gathered on March 26 at UTHealth Houston for a full day of conversations focused on cybersecurity, emerging threats, and collaboration across institutions.
The in-person UT System gathering occurs twice a year and began with breakfast and informal networking, as attendees joined both in person and virtually before the meeting officially got underway.
“Hosting this CISO meeting at UTHealth Houston is both an honor and a responsibility,” said Amar Yousif, MBA, vice president and chief information officer at UTHealth Houston. “In the Texas Medical Center, the stakes are real because cybersecurity underpins everything we do in patient care, research, and education. As Houston comes off another Rodeo season that brings people together from across the state, it’s fitting that we’re doing the same here; bringing CISOs from every corner of Texas together to wrangle challenges that don’t stop at county lines or institutional boundaries.”
Mary Dickerson, MBA, associate vice president and chief information security officer at UTHealth Houston echoed Yousif's sentiments by saying, "While it is always good to have the opportunity to interact with our information security colleagues from the other UT System institutions, it’s wonderful to be able to host them here at UTHealth Houston. Especially in light of a very dynamic cyberthreat landscape, as well as a challenging compliance environment, sharing strategies with other CISOs and Deputy CISOs is very helpful."
Once the council came to order, participants heard a series of updates that set the tone for the day.
George Finney, systemwide chief information security officer at The University of Texas System, shared progress on initiatives like the Academic Continuity Exercises and Armis, followed by briefings from the UT System’s Tod Maxwell, Dyan Hudson, and Jennie Kennedy covering operational updates, audit insights, and privacy considerations.
Serge Jorgensen of Crowe presented a threat intelligence update and walked attendees through current risks and what they mean for higher education and health institutions.
“With the world events the way they are these days, we're so much more concerned about the threat level, because we've seen the attacks escalate since the war in Iran began. I think today is especially important given the Iranians attacked a medical device maker and ransomed them,” Finney said. “We're all really concerned about how we keep that competitive edge that keeps us a step ahead of the attackers. The leadership of The University of Texas system is a thousand percent behind cybersecurity to keep all of our institutions safe. Not just protecting the students, obviously that’s really important to us, but also protecting the life safety, protecting the research that we're doing to save lives across the state of Texas.”
After a short break, the conversation turned toward technology and innovation.
Representatives from Microsoft discussed the Enterprise Suite license roadmap, and Cam Beasley from UT Austin offered a closer look at how their university is using Claude in its work.
During the lunch session, the group received a demonstration by the humanoid robot in development at McWilliams School of Biomedical Informatics at UTHealth Houston. This was followed by Finney leading a discussion on the growing concerns around Chinese-manufactured patient monitoring devices, sparking thoughtful dialogue about supply chain and security risks in health care settings.
In the afternoon, the focus shifted to strategy and planning. Maxwell guided a discussion on third-party risk management. The day wrapped up with an extended roundtable, where CISOs from across the group shared updates, challenges, and ideas. With time set aside for each institution, the discussion allowed for a meaningful exchange of perspectives and practical takeaways, continuing through the afternoon until the meeting concluded.
“I think it's really great for all of the chief information security officers to meet in person. It allows us to really talk about all of the emerging threats that are happening, not only across the system, but across the nation, and across the world. It also allows us to align on our defense strategies together,” said Cheryl Nifong, chief information security officer at The University of Texas Arlington. “The presentations have been really broad. We’ve had an audit presentation, an AI presentation, Microsoft presentation. I'm learning more as well, so it's not just about collaboration, but bringing in expertise so that we can learn and grow in our current role.”
