Higher Education: Cybersecurity CISO Outlook For 2024

with Upendra Mardikar (CISO TIAA) and Richard Sparrow (CISO NYU)

Wednesday, January 17
Noon ET


What will be the biggest higher education cybersecurity challenges in higher education in 2024? Where should you invest your time and resources to most effectively secure your employees, students, and sensitive institutional data?

Find out answers to these questions during a webinar on January 17, 2024 from 11 am to 12 pm EDT hosted by The Research & Education Networks Information Sharing & Analysis Center. 

Guest speakers will be Upendra Mardikar, TIAA’s Chief Information Security Officer, and Richard Sparrow, New York University’s Global Chief Information Security Officer.

These security leaders will share insights on:

  • generative AI, ransomware, and social engineering cyberattacks and how to detect and avoid them
  • ways you can use generative AI to block cyberattacks
  • the cybersecurity talent shortage in high ed and how to overcome this challenge with upskilling and reskilling
  • the latest cybersecurity budgeting trends in higher ed and best practices and
  • tips for protecting sensitive data from cyberattacks


Upendra Mardikar
Chief Information Security Officer (CISO), TIAA
Upendra Mardikar joined TIAA in 2022 as Chief Information Security Officer. In this role, he is responsible for leading information security strategy and governance, security engineering and operations, and cyber defense and monitoring efforts.
With more than 25 years in the financial services industry, Upendra is a seasoned cybersecurity technology leader known for his track record of delivering large-scale transformations and developing innovative solutions to secure multi-cloud platforms and products, client-facing technologies, and customer and developer experiences.
Prior to TIAA, Upendra served as the CISO for Snap Finance, where he led the development and build of new cybersecurity platforms to enable business growth. He has also held various cybersecurity senior leadership positions at American Express, Visa, and PayPal, where he led high-performing global teams to propel digital transformation and implement cybersecurity strategy and governance.
Upendra is an inventor credited with 95+ patents issued and pending, predominantly in cybersecurity, identity, biometrics, tokenization, blockchain and digital technology. He is a well-recognized thought leader on emerging security trends and notable keynote at industry conferences and universities, including European Identity & Cloud Conference, National Finance Center, Internet of Things, KNOW Identity conferences, Stanford University, UT Austin and others.
Upendra serves as a leading advisor with industry groups such as Oasis, Fast Identity Online and Trusted Computing Group and co-authored the first version of Payment Card Industry Data Security Standard (PCI DSS). Additionally, he wrote “Privacy: Applied. Proactive. Innovative.” and “Purple Book of Software Security.’ He also helped create an online community around cybersecurity called the Purple Book Community.
Upendra holds a master’s degree in business administration from Santa Clara University and a bachelor’s degree in Engineering Computer Science from VNIT in Nagpur, India. His security industry certifications include CISSP, ISSAP, CSSLP.
Richard Sparrow
Global Chief Information Security Officer and Associate Vice President, New York University
Richard is the Global Chief Information Security Officer and Associate Vice President for New York University. In this role, he has leadership oversight of Security Operations, Security Architecture and Engineering, Information Security Risk Management and Compliance, and Identity and Access Management.
Before his role at NYU, he worked at Huron Consulting, helping clients in higher education and health care identify risks, adopt better security practices, and advance information security and privacy strategies. Richard also served as the interim Chief Information Security Officer and Director of Security Operations at Penn State. He led teams focused on security operations, privacy, information security compliance, and identity and access management. He helped develop a comprehensive approach to university-wide information security during his tenure.
Richard has also worked in information security roles with Case Western Reserve University and Virginia Tech. Highlights of this work include implementing Duo 2-Factor Authentication, developing an information security community, creating an enterprise-wide patch management service, and completing a university-wide password change project. He was an active member of the Big Ten Academic Alliance Security Working Group. He has presented on this work across the US and has been a part of the EDUCUASE Security Professionals annual meeting program committee.
Richard is a Florida Gulf Coast University graduate with a bachelor's degree in accounting. Richard also maintains a CISSP (Certified Information Systems Security Professional).

Sharing Information

This recording is open to the public, as well as designated representatives of REN-ISAC member institutions. Information is classified TLP:CLEAR.