Cathy Hubbs
CISO
American University
Cathy Hubbs currently serves as the CISO at American University in Washington DC. She is a trusted advisor and consultant on issues related to digital risk in the Higher Education space, contributes to university-wide information security awareness and education programs and develops information security policies and guidance resources. Cathy works with IT, Risk Management, Legal Counsel and campus stakeholders to discuss risk and options to limit liability, as well as coordinates the investigation of cyber security incidents.
When she is not working, Cathy enjoys family time and her grandchildren - outdoor playtime, exploring new places and events, trying new recipes and sharing the outcome, swimming, hiking, yoga, rowing, kayaking and most things outdoors.
Learn more about the Washington, DC CISO community here.
Give us a brief overview of the path that led to your current role.
Twenty-one years ago, I was actively engaged in university activities, a relationship builder and keenly interested in troubleshooting with a willingness to partner with others to get resolutions. The CIO appointed me (her only appointment in 24 years) to the position of their first Director of Information Security, because of these qualities. Since then, I have continued to educate myself, build on my network of security professional colleagues and identify coaches and mentors for continuous improvement.
What is one of your guiding leadership principles?
Listening and respecting those I work with.
What is the greatest challenge CISOs face today, and how are you addressing it?
Budget cuts - when maturity requires investment. One recent success is getting locked in to a 3.5 year contract with a service with no change year over year. Additionally, critically reviewing older processes to ensure they fit the current environment.
What is the key to success for someone just starting out as a CISO?
Relationships and influence (which comes with time and successes). Build trusted relationships with supervisors, risk management, compliance and legal equivalents to begin with. Of course, the person in charge of finances is a good person to befriend, too – don't ask for money unless it is absolutely needed and do your research to back up the requests.
How do you measure success as a leader?
When others tell you that your program is a success. People want to work for and with you.
What is the value of being a member of the Evanta community?
Access to successful peers broadens your network and exposure to current practices and issues.
Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.