535 West Michigan Street
- Bachelor of Science in Physics, Purdue University
- SANS GIAC Certified Intrusion Analyst (GCIA) since 2000
- SANS GIAC Certified Windows Security Administrator (GCWN) since 2005
In his role as University Information Security Officer, Andrew Korty manages a team of security engineers and analysts. This team is responsible for university-wide security standards administration, technical risk assessment programs, security reviews and consulting, technical security resources, and technical responses to security incidents. Korty started his career with IU in 1999 as a security engineer.
Presentations and Publications
- Third-Party Assessments: Not Just a Questionnaire, EDUCAUSE Security Professionals Conference, 2013.
- Assessing the Security Posture of Third-Party Service Providers (with David Escalante), EDUCAUSE Enterprise Information & Technology Conference, 2011.
- “Cloud Services: Policy and Assessment” (with David Escalante), EDUCAUSE Review, June 2011.
- InCommon Assurance Profiles (with Kim Milford), EDUCAUSE Security Professionals Conference, 2009.
- SANS Security Essentials textbook, Volumes One and Two, 2003. Topics include cryptography, host-based intrusion detection, vulnerability scanning, password assessment and management, sniffers, and Internet protocol packet analysis.
- Technical Advisory Group (TAG) Chair, Reseach and Education Networking Information Sharing and Analysis Center (REN-ISAC), 2011-. The TAG provides technical guidance to the REN-ISAC.
- Security Assessments Project Team Co-Chair, EDUCAUSE Higher Education Information Security Council (HEISC) Governance, Risk, and Compliance (GRC) Working Group, 2010-2011. This team investigated third-party assessment frameworks.