Tom Davis

Chief Security Officer

Phone:
812-855-7451
Email:
tdavis@iu.edu
PGP:
tdavis.asc
S/MIME:
tdavis.cer
Department:
Physical Security and Access / University Information Security Office
Campus:
IU
CIB
2709 East 10th Street
Bloomington, IN
47408

Education

Biography

Tom Davis is Indiana University's Chief Security Officer. In this role, he provides executive leadership and specialized expertise to the development and management of programs related to physical access and security, personal protection, surveillance, the security of institutional and personal information, and the security of information technology. Davis also directs the efforts of the University Information Security Office.  The UISO is responsible for university-wide security standards administration, technical risk assessment programs, security reviews and consulting, technical security resources, and technical responses to security incidents.

Before his current appointment, Davis served as IU's Chief Information Security Officer. He has worked in the security field since 1991.

Honors & Awards

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Selected into Indiana University Information Technology Leaders Program (ITLP), 2007

Presentations and Publications

  • "Building an Information and IT Compliance Program," EDUCAUSE Security Professionals Conference, May 2012
  • Q&A: Indiana University's key to safeguarding confidential data, FierceCIO, March 2011
  • "Payment Card Industry Data Security Standards — Are You at Risk for a Fine?," Center for Applied Cybersecurity Research Indiana Higher Education Cybersecurity Summit, April 2010"
  • Conway, W., Davis, T. (2009). Data Security: Noteworthy Outcomes From 2009 PCI Community Meeting: NACUBO Business Officer, vol. 43, no. 4, 16-18
  • Davis, T. (2009). Me and My Job, SC Magazine For IT Security Professionals, vol. 20, no. 1, 15
  • Davis, T. (2009). Security Requires More Than Technology, EDTECH Focus on Higher Education
  • Getting Things Done Panel: A Practical Approach," IU Statewide IT Conference, October 2009
  • "Writing an Information Security and Privacy Program," EDUCAUSE Security Professionals Conference, April 2009
  • Pyrillis, R., Roberts, V. (2008). Burst of Vitamin 'C' - Pointers from CIOs and CISOs on getting the most value from systems teams: EDTECH Focus on Higher Education, vol. 4, no. 1, 38-40
  • "Writing an Information Security and Privacy Program," EDUCAUSE Annual Conference, October 2008
  • "Security and Finance: Bridging the Communication Gap," Treasury Institute PCI-DSS Workshop, May 2007
  • "Payment Card Industry Data Security Standards," IU Treasury Business Seminar, August 2006

Other Activities

  • Ivy Tech Information Security Curriculum Advisory Board
  • NACUBO Technical Representative to the Payment Card Industry Security Standards Council
  • Co-chair, Higher Education Information Security Council's Information Security Guide Editorial Board
  • Higher Education Information Security Council Leadership Team Member
  • Past chair, Committee on Institutional Cooperation Security Working Group
  • EDUCAUSE Security Professionals Conference 2006 Program Committee Member