Katrina Biscay – University of Cincinnati

Playing orchestral music is a demanding, nuanced task, involving dozens of musicians to stay on-time and on-tune. But doing that remotely? With the added difficulty of poor internet connections and Zoom awkwardness?

Katrina Biscay admits she hasn’t yet discovered how University of Cincinnati students and music professors can bridge the gap between virtual and real time as they rehearse and perform, but she’s working on it.

Katrina Biscay | Assistant Vice President and Chief Information Security Officer | University of Cincinnati

And, as the university’s chief information security officer, she knows, perhaps as well as anyone, the complexity and risks that have developed with remote learning.

“We are our own city,” Biscay says. “We have research and students and span many verticals compared to a traditional corporate organization. This forces you to look at security from different perspectives.”

Traditions and growth

The University of Cincinnati was founded in 1819, the same year as the city itself. Its alumni include Neil Armstrong, the first person to walk on the moon; Albert Sabin, developer of the first oral polio vaccine; and former president and Supreme Court Chief Justice William Howard Taft.

The university offers 414 degree programs and has an enrollment of more than 46,000 students. Biscay, whose IT career began in the late ‘90s, says many people don’t realize the scope of what she’s tasked with protecting.

Securing network operations, identity management and personal information is already complicated by the number of devices resident students bring with them. She says it’s typically between seven and 10, from computers, phones and tablets to roommates named Alexa or Siri. Students may also use 150 to 200 campus network access points daily.

In addition, UC President Dr. Neville Pinto wants to make the university one of the top 25 research schools in the U.S. by 2030. So Biscay and her team of 38 also work closely with the UC Office of Research to meet cybersecurity compliance requirements that can’t be applied throughout the campus because of academic freedom and flexibility needed for the full educational experience.

“We need to know what’s important to the university both from its academic and research goals. Then we must quickly pivot to ensure they can meet them in a safe and secure manner,” Biscay says.

Everyone has a role

To protect UC’s network, information and data, Biscay wants student involvement and a diverse team of her own.

For the former, she’s leading efforts to revamp the incident response efforts so students will assess and triage threats as part of the Security Operations Center 2.0 before escalating a situation to the security staff. UC offers a cybersecurity program, but the operations center is open for any student who wants to participate because of the broad perspectives they can bring.

“In incident response, you need a different approach,” she says. “Threats and actors vary, [so we] need people to think creatively, ‘what about this, what about that.’ It also offers hands-on experience and personal ownership in protecting the campus.”

To ensure more diversity, equity and inclusion, she’s reviewing all training and awareness materials to ensure they’re accessible and representative, and that they use inclusive language in references to technology. UC’s Office of Information Security now has more women on staff than men, which she adds is unique to the industry.

Biscay says UC’s digital technology transformation is occurring with the help of a local partner, Cincinnati-based CBTS. The tech solutions provider has worked with the university for years, most recently by refreshing its network and phone system, a multi-year project that’s wrapping in October.

“We expect to work with them closely throughout the years because we have same values and vision.” Biscay says. “It’s important to have a partnership with someone that has equal dedication to the community.”

Securing her career

A native of Ukraine, Biscay moved to the U.S. when she was 13. She was barely able to speak English in middle school as she and her mother struggled with poverty. Though Biscay eventually returned to Ukraine, she came back to the U.S. for college and earned her bachelor’s degree in computer science at Cincinnati’s Xavier University in 1999. Her mother, always her inspiration, has since earned an MBA, she adds.

Biscay began her career before graduating as a senior network administrator for CSC, an IT consulting firm, from May 1998 to June 2002.

While at CSC, Biscay also joined the Deer Park Silverton Joint Fire District outside Cincinnati and, in 2004, became certified as a paramedic while being valedictorian of her class at Cincinnati State Technical and Community College. She was with the department until 2011 and misses serving, she says.

In July 2002, Biscay took her IT skills to municipal government as she joined the city of Sharonville, Ohio, as its IT manager. In July 2012, she was named director of IT.

In September 2014, she joined the University of Cincinnati as its cyber incident response manager. Three years later, she was promoted to director of information security. Biscay has also been part of the adjunct faculty, developing and teaching courses on cybersecurity and digital forensics.

In 2015, Biscay completed her master’s in digital forensic science from Champlain College, focusing on the implementation of security information and event management in higher education.

Biscay left the University of Cincinnati in September 2019 to become the information security officer at Hamilton Clermont Cooperative Information Technology Center and has also been a cyber security analyst for the Greater Cincinnati Fusion Center since March 2012, where she’s collaborated on cyberthreats with agencies including the U.S. Department of Homeland Security, the FBI and the Secret Service.

But once a Bearcat, always a Bearcat—in January, Biscay returned to the University of Cincinnati.

“We can’t be traditional, always have to be creative in solutions that are unique and customer-focused,” she says.

And that includes helping music students hit the right notes at the right time.

View this feature in the Winter I 2022 Edition here.