Michigan State hires new CISO as cyberattacks spike

Michigan State University’s new chief information security officer, Tom Siu, started his position Thursday, according to university leadership.

As CISO, Siu will support MSU’s IT security initiatives and lead the university’s information security team, which focuses on minimizing risk to university information systems, ensuring compliance with laws and regulations and responding to cybersecurity incidents, according to the university.

Previously, Siu served as the CISO for Case Western Reserve University for more than 14 years, working in risk management practice, security strategy and emergency operations. He will replace Seth Edgar as MSU’s CISO, who now works as the director of security operations at the insurance company Accident Fund Group.

(LinkedIn)

Siu’s appointment comes at a time when universities are facing a growing number of cyberthreats as they conduct business and teach remotely during the pandemic.

Universities have fallen victim to new phishing scams and also have the burden of protecting a growing amount of health data as they test students and faculty for COVID-19 and collect mobility data to try and mitigate the spread of the virus. Several universities in March were targeted with a new phishing email campaigns that exploited fears about the coronavirus.

Data privacy concerns also abound. At the University of Kentucky, a spreadsheet containing negative COVID-19 test results of several hundred students and faculty was left unprotected in August.

Michigan State University has already fallen victim to a ransomware attack this year, when hackers breached the university’s network on May 31 and threatened to publish students’ personal records and university financial documents if the university failed to pay a bounty.