Director of Information Security/CISO
As CISO for Tufts University, Lorna Koppel's key responsibilities include enabling Tufts mission while assessing and managing the security risks to the university and the overall operating security for their diverse environment, including development and implementation of security policies, data stewardship and compliance activities, technology and architecture standards, and operational detection and response activities.
Previously, Lorna held various security leadership positions at Iron Mountain, Kohler Co., BT Infonet Services Corp., CSC, and Meso Inc., and served in the USAF Weather Service. Lorna holds a B.S. in Physics from Bowling Green State University, a B.S. in Meteorology from Pennsylvania State University, and a Master of Science in Atmospheric Science from the University of Albany.
Learn more about leaders in the Boston CISO community here.
Give us a brief overview of the path that led to your current role:
My career has been defined by taking advantage of opportunities in each job to build my skills that I then continued to leverage. I was a meteorologist in the Air Force while everything shifted from fax charts to computers. In grad school, I had to teach myself to write Fortran code to analyze huge data sets while learning to sysadmin my new Sun UNIX workstation. Eventually, I ended up being a sysadmin in a security team for CSC-Hughes. It's then I found my true niche— security!
What is one of your guiding leadership principles?
Have respect for others and the confidence in yourself to take full responsibility for the bad and to give credit to those who made the good possible.
With disruption being a key theme of the past year, where do you see your role as a CISO going in the next 1-2 years?
For many of us, the last year has forced institutions to compress the evolution of how our business gets done from what would have normally taken a decade to accomplish, and there are no signs that we will return to a slower pace. Even more than ever before, my role will demand flexibility, creativity, and tenacity to ensure security, privacy, and compliance efforts keep pace with the demands and enable, rather than get in the way of this progress. We have to support working from anywhere, moving more to the cloud, and completely rethink traditional technologies and processes.
What advice would you give to someone just starting out in the role as a CISO?
A CISO's relevance is commensurate with how much they understand about their institution's business, work methods, and what it values. Your security program must support what is valued and enable the organization to be successful. Listen to what others throughout the organization are saying and doing in many different jobs and levels. You will find what types of things resonate with others and pain points they have that could be opportunities for you to bake in more security — have better influence or connect groups with similar yet unsolved issues. Be a communicator of how your area can help and then deliver on your commitments.
Tell us three fun facts about yourself.
- I insanely love dogs. Anything involving dogs and you get my attention. My adult son and I share the same interest, and he frequently texts me dog videos from Reddit.
- I have many diverse hobbies, one of which is designing and making jewelry. I love the concept of engineering the design and then making it work. I would love to get into making my own glass and stone beads along with metalworking just for the challenge of learning.
- I have turned Zoom backgrounds into a way to share my nature photography and to help others imagine being somewhere different.
What is the value of participating in a professional community through Evanta?
The value in participating in the Evanta CISO community is two-fold: both in investing in our own knowledge and in helping our security community to become bigger and stronger. To stay relevant, we must keep updating ourselves to current trends and solutions. Also, we owe it to the future to attract a lot more people to the security field and develop their abilities faster and better.
Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.