EDTECH: What are some of the biggest threats you’re seeing for higher education as the COVID-19 pandemic continues to unfold?
KELLY: As a cybersecurity professional, you never want to say everything is fine and feel like you’re jinxing yourself, right? What we did through the spring and summer within higher education — and especially within cybersecurity — was really to enable learning, whether that means hybrid learning or coming back to campus.
One of the things that I like to say — and I can’t take credit for it, because it came from one of my peers — is that information security used to be “The Office of No.” The chief information security officers on campus used to be the one who told people, “No, you can’t do that,” or “No, you’re not doing that securely.”
But culturally what we see — not only this year but over the past couple of years — is a shift to trying to become the Office of K-N-O-W. We want to say, “We want you to know how to do something securely.”
We’re seeing the fruits of that shift now, with this transition. Think back to what feels like a lifetime ago, in the spring, when everybody so quickly went from being on campus to learning online. From a cybersecurity perspective, we had already started to change the culture around how we operate. We could enable that transition so that information security wasn’t perceived as a roadblock.
We can’t do this alone. Information security and cybersecurity is a team sport. I think that’s really what helps provide the foundation for where we are today and how we’re able to enable our campuses to do the things that they’re doing, whether that’s doing contact tracing securely or remote learning securely. All of those things didn’t just happen in the past six or eight months. They happened because we’ve been collaborating on them before COVID-19.
EDTECH: Do you think this is a permanent cultural shift, or will things go back to “normal”?
KELLY: I think it’s a permanent shift. I think 2021 will be a bridge back to some normalcy, or at least what we were familiar with pre-COVID, but a lot of what our community is talking about now is this idea of transformation. We’ve transformed over the past eight months in terms of how we do all of the information security things that we used to do on campus.
There’s also a transformation in how we operate our security infrastructure. Our teams that typically would work on campus are now remote. Our faculty, students, and staff — along with their devices, their laptops and their phones — are not connected to our campus networks anymore. They’re using their home internet service providers, so we’ve had to evolve and learn from each other how to secure devices in remote places. It’s been a really transformative and evolving year, but I think we were able to do it because of the connections and collaborations that we have with each other. No one had to figure it out on their own. We were all learning and sharing best practices, from large Ivy League schools to smaller community colleges. That collaboration moves between both ends of higher education.