German universities are no longer just centers of research and learning; they are complex digital ecosystems responsible for protecting sensitive research data, personal information, and the continuity of teaching itself. As cyber threats increasingly target academic institutions, security leadership in higher education has become both highly visible and strategically critical.
What makes this space particularly interesting is its diversity. Some leaders operate with formal CISO mandates, while others combine security responsibilities with academic, infrastructure, or continuity roles. Together, they are defining what cybersecurity leadership looks like in a decentralized, research-driven environment, often with limited resources but enormous impact.
Christian Böttger — Chief Information Security Officer, Technische Universität Braunschweig
Christian Böttger has been shaping information security at TU Braunschweig for nearly a decade, formally holding the CISO role since 2021. His work reflects the long-term nature of security leadership in academia, where building governance, trust, and sustainable processes matters as much as reacting to incidents. With deep institutional knowledge and continuity, Böttger represents the steady, execution-focused leadership many universities rely on to mature their security posture over time.
Rafael Roschinski — Chief Information Security Officer, Universität Ulm
Since taking on the CISO role at Ulm University in early 2023, Rafael Roschinski has been responsible for steering information security across a research-intensive academic environment. His role sits at the intersection of operational security and institutional governance, ensuring that security frameworks support both administrative needs and scientific innovation without becoming a barrier to progress.
Sandra Heger — Acting Chief Information Security Officer, Universität Siegen
Sandra Heger brings a distinctly human-centric perspective to cybersecurity in higher education. Serving as acting CISO at the University of Siegen, she focuses not only on technical controls but on resilience, business continuity, and collaboration across institutions. Actively involved in regional and national working groups, and engaged with initiatives like Women4Cyber, Heger is widely recognized for strengthening networks between universities and advocating for pragmatic, shared approaches to academic cybersecurity.
Christoph Glowatz — Chief Information Security Officer, Hochschule Düsseldorf (HSD)
Christoph Glowatz has led information security at Hochschule Düsseldorf since 2019, helping a major university of applied sciences navigate the realities of modern academic IT environments. His role reflects the growing importance of structured security governance in institutions that balance teaching, applied research, and external collaboration—often under tighter operational constraints than large research universities.
Tobias Aumüller — Chief Information Security Officer, Hochschule München
Tobias Aumüller represents a newer generation of academic CISOs focused on formalization and tooling. As CISO at Hochschule München, he is driving the implementation of an ISO 27001-aligned ISMS and leading risk management initiatives using modern platforms like GitLab. His work highlights how universities are increasingly adopting industry-grade security frameworks while adapting them to academic realities.
Luigi Lo Iacono — Professor for IT Security & Chief Information Security Officer, Justus-Liebig-Universität Gießen
Luigi Lo Iacono operates at the rare intersection of academia and executive security leadership. As both a Professor for IT Security and CISO at JLU Gießen, he bridges research, teaching, and operational security. His dual role underscores a growing trend in higher education: leveraging academic expertise directly within institutional security governance rather than separating theory from practice.
Helge Illig — Chief Information Security Officer, Universität zu Lübeck
With more than three decades at the University of Lübeck and over a decade as CISO, Helge Illig brings unmatched institutional memory to the role. His background in running a university data center and planning large-scale IT infrastructure gives him a holistic view of security, capacity planning, and operational resilience. Illig exemplifies the deep, infrastructure-rooted leadership that continues to underpin security in many German universities.
Why These Leaders Matter Now
Cybersecurity in higher education is no longer a side responsibility; it is a strategic function tied directly to academic continuity, research integrity, and institutional trust. The leaders on this list reflect the many paths into that responsibility: long-tenured practitioners, hybrid academic-executive roles, and community builders who recognize that universities are strongest when they secure themselves together.
As threats evolve and collaboration becomes essential, these CISOs and security leaders are protecting their own institutions and quietly shaping a more resilient digital future for German higher education as a whole.