Massachusetts’ higher education institutions operate some of the most open and complex technology environments in the country. Universities must protect student records, research data, healthcare information, and intellectual property—while maintaining the openness that fuels academic collaboration and discovery. Cybersecurity leaders in this sector balance governance, resilience, and education at scale. The following Chief Information Security Officers and senior security leaders are shaping secure academic ecosystems across the Commonwealth.
Sean Pettis — Senior Director of Infrastructure and Chief Information Security Officer, Springfield Technical Community College
Sean Pettis brings more than 30 years of IT experience spanning application development, telecommunications, systems and network administration, storage, governance, risk and compliance, and cybersecurity. CISSP-certified, he joined higher education in 2021 and focuses on strengthening institutional infrastructure while advancing the college’s overall security posture. His multidisciplinary background enables practical, operations-focused security leadership in a resource-conscious academic environment.
Eric Jacobsen — Assistant Vice President and Chief Information Security Officer, Boston University
Eric Jacobsen leads institutional information security at Boston University, overseeing infrastructure, policies, identity and access management, incident response, vulnerability management, and regulatory compliance across all campuses. With more than three decades at BU, he provides thought leadership on emerging cyber threats and regulatory trends while guiding risk assessment, strategic planning, and community outreach. His role also includes developing security awareness initiatives and representing the university in broader cybersecurity forums.
Michael Gioia — Chief Information Security Officer, Babson College
Michael Gioia has served as Chief Information Security Officer across multiple organizations, building and maturing risk assessment and incident response programs. At Babson College, he has led cloud-first security initiatives, reviewed large-scale SaaS migrations, implemented enterprise risk foundations, and developed structured incident response capabilities that reduced remediation time. His approach blends governance, operational efficiency, and measurable cost savings.
Tim Holmes — Chief Information Security Officer, College of the Holy Cross
Tim Holmes is a frameworks-driven Chief Information Security Officer focused on transforming security postures from reactive to resilient. With deep experience across infrastructure, cloud, identity, governance, and compliance, he combines hands-on technical expertise with strategic leadership. CISSP-certified and grounded in project management and philosophy, he emphasizes ethically informed, risk-based security strategies aligned with institutional missions.
David Norman — Chief Information Security Officer, Bentley University
David Norman leads cybersecurity strategy at Bentley University, overseeing protection of digital assets, intellectual property, and institutional systems. As Chief Information Security Officer, he manages cybersecurity teams and external partners while collaborating across the university to strengthen data protection and community awareness. His work centers on safeguarding academic systems while building broad-based education around cyber risk and privacy.
Lorna Koppel — Chief Information Security Officer, Tufts University
Lorna Koppel provides strategic leadership for information security across Tufts University’s multi-campus environment. Serving as Chief Information Security Officer, she advises senior leadership, develops institutional security strategy, and oversees services including policy development, risk assessments, incident response leadership, and community education. Her focus is on building a comprehensive security program that protects students, faculty, research, and institutional data at scale.
Eric Boughton — Chief Information Security Officer, Fitchburg State University
Eric Boughton leads information security efforts at Fitchburg State University as Chief Information Security Officer. With certifications including CISSP and CRISC, he focuses on risk management, firewall technologies, backup systems, and web application security—ensuring that technology enhances productivity while maintaining strong defensive controls across academic systems.
Jake Cunningham — Deputy Chief Information Security Officer, University of Massachusetts Amherst
Jake Cunningham serves as Deputy Chief Information Security Officer at the University of Massachusetts Amherst, bringing over 25 years of experience in higher education security, privacy, and compliance. He supports strategy development, cross-functional collaboration, risk assessment, and incident response coordination. His work emphasizes building a culture of collaboration and security awareness aligned with the university’s missions of teaching, research, and innovation.
Securing Open Academic Ecosystems
In Massachusetts higher education, Chief Information Security Officers must protect highly distributed, research-intensive environments without undermining openness and collaboration. These leaders operate at the intersection of governance, research enablement, and community education—strengthening institutional resilience while supporting academic freedom and innovation.
For a closer look at how cybersecurity supports advanced discovery platforms and venture-backed scientific innovation, explore Cybersecurity Leaders to Watch in Massachusetts’ Research Industry.