The Information Security Group (ISG) is comprised of David Sherry, Chief Information Security Officer (CISO) and Pat Falcon, Information Security Communications Coordinator.
David Sherry has university-wide responsibility and authority regarding matters of information security as Brown's CISO. He heads up the team, charged with the development and maintenance of Brown's information technology security strategy, IT policies and best practices, security training and awareness programs, as well as ongoing risk assessment and compliance tasks. As the university spokesman for both information security and privacy, Sherry also plays a key role in the records management program, regulatory compliance, and copyright law.
David came to Brown in 2008 with over 20 years of experience in information technology. He most recently worked at Citizens Bank where he was Vice President for Enterprise Identity and Access Management, providing leadership for compliance and security governance. He had also served as Citizens' Vice President for Enterprise Information Security, overseeing the company's security operations and controls. David sits on the EDUCAUSE Higher Education Information Security Council, and is a contributor to Information Security Magazine. A graduate of Providence College, with an MBA from Northeastern University, he is a frequent conference speaker on emerging security topics and best practices, a guest-lecturer throughout the academic year at several New England institutions, and is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).
Pat Falcon has been with CIS for over fifteen years, working with various groups -- Applications Development, Computing Accounts, the Help Desk, Communication -- until becoming responsible for information security policy and safe computing awareness in 2004. Since then, Pat has been instrumental in the planning and execution of the campus's celebration of National Cyber Security Awareness Month each October. She also launched and serves as the editor of ISG's Secure IT! newsletter.
In addition to her training and awareness responsibilities, Pat is a member of the Data, Privacy and Records Management working group, which brings together stakeholders from a broad range of campus units to discuss business practices and operational challenges for records management, privacy, and protecting Brown data. The group researches, develops, and implements solutions and tools to inventory areas of protected information, and aids in creating processes and reports to enable department and university compliance.