Corey Roach named Interim CISO
UIT is pleased to announce that Corey Roach has been named Interim Chief Information Security Officer effective Thursday, September 1, 2016.* Roach comes to the appointment from his position as Enterprise Security manager in the University of Utah's Information Security Office (ISO).
Dr. Steve Hess, University of Utah Chief Information Officer, said, "We're extremely pleased to have Corey Roach serving as Interim CISO for the University, Hospitals, and Clinics. His qualifications and expertise are exactly what we need while we conduct an international search for a permanent CISO."
James Turnbull, Chief Information Officer for University Hospitals and Clinics, agreed, adding, "Corey's strategic and tactical knowledge of the modern information security landscape, particularly as it intersects with health care and patient privacy, is perfectly aligned with our ongoing enterprise security strategy and day-to-day operations."
Roach steps in for outgoing CISO Dan Bowden who is departing the U to take on a new role as vice president and CISO for Sentara Healthcare in Virginia Beach, VA.
Roach will maintain offices on the University of Utah campus in the Eccles Broadcast Center and the 585 Komas building. In his new role he will oversee information security, privacy, and compliance strategy and operations for both main campus and hospitals and clinics. His team includes 32 staff members in Enterprise Security; Security Assurance; Governance, Risk and Compliance; and Identity and Access Management.
"I'm fortunate to work with so many self-motivated professionals in the Information Security Office," Roach said.
That sentiment was echoed by Jim Livingston, the University's Chief Technology Officer.
"We have a strong information security program, run by a team of highly skilled security professionals," Livingston said. "Corey has been key to the success of our security efforts and I'm confident in his leadership abilities to keep us moving forward in this interim role. We're in good hands!"
Roach, a Utah native, has more than 13 years of information security experience in higher education, research and healthcare. As the U's Enterprise Security manager since 2014, he provided technical and strategic guidance during the development of the University's revised Information Security Policy (4-004), evaluated and acquired enterprise class security tools that significantly reduced the dwell time of malware or compromises, and coordinated post-incident forensics and impact analysis. Prior to that position, Roach served other IT and security roles at the U including senior data security analyst in ISO and IT manager for the Office of Residential Living.
In addition to completing numerous professional training courses, Roach is a certified information systems security professional (CISSP) and certified information systems auditor (CISA).
*start date changed