Andrea Simpson
Chief Information Security Officer
Howard University
Andrea Simpson is the Chief Information Security Officer for Howard University. Her focus is on maintaining compliance, creating repeatable processes and gaining efficiencies to protect Howard’s brand, the people and the information they use. She is a veteran of the US Air Force where she started on her cybersecurity career path, accumulating over 20 years of cybersecurity experience within the federal government and now in higher education.
As a fun fact, her dream job is to be the CISO or CIO of the National Football League, and she says she enjoys eating “which means I enjoy cooking.”
Learn more about the Washington, DC CISO community here.
Give us a brief overview of the path that led to your current role.
While on active duty in the Air Force, I was introduced to security in all forms, and that sparked my interest. I could see the long term possibilities of working in security from a technology perspective. I started working in security as a tech writer, then a security tester, inspector, information security manager, a cybersecurity engineer and finally a CISO. I went from technical to managerial over the course of my career.
What is one of your guiding leadership principles?
Ask plenty of questions to fully understand the request, the technology, the problem or to lead people to the best solution.
What is the greatest challenge CISOs face today, and how are you addressing it?
I've realized that relationships matter in higher education, more than in the federal space. I am changing my style on addressing problems, by first developing a personal relationship and understanding of how an office or department functions before I start on the problem that requires a resolution.
What is the key to success for someone just starting out as a CISO?
Take the time to learn the culture and the business processes before making major changes. Focus on addressing the risks as they apply to the operation of the organization.
How do you measure success as a leader?
If I'm able to streamline processes and gain efficiencies while improving the cybersecurity awareness of the organization, I see that as success. I feel I've done my job as a CISO when the entire organization starts thinking about security whenever they think about changing a process or adding a capability.
What is the value of being a member of the Evanta community?
Being a member of the Evanta community provides me with instant access to other professionals that I can speak with about challenges, vendors and tools.
Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.