North Carolina’s higher education sector includes some of the most complex cybersecurity environments in the region, spanning major research universities, statewide academic systems, community colleges, and institutions serving large student, faculty, and healthcare populations. The leaders in this group are helping their institutions balance openness and academic collaboration with the growing demands of identity security, incident response, compliance, research protection, and enterprise risk management.
Nick Tripp — Chief Information Security Officer, Duke University
Nick Tripp leads cybersecurity at Duke University, where he aligns information security and identity strategy with the needs of a major research university and health system. His role spans governance, risk, compliance, security operations, engineering, and IAM, including oversight of single sign-on and multifactor authentication across a highly complex institutional environment.
What stands out in Tripp’s profile is the way he frames cybersecurity as both a strategic and cultural function. He works closely with executive leadership, governance bodies, and IT teams, while also emphasizing team development and making the field feel accessible rather than exclusive. At Duke, that translates into support for secure research initiatives, security automation, and a security program designed to serve academic, research, and operational priorities at the same time.
Kim Smodic — Chief Information Security Officer, University of North Carolina System Office
Kim Smodic brings deep public-sector cybersecurity experience to the University of North Carolina System Office, where she serves as Chief Information Security Officer. Her background includes nearly two decades at the North Carolina Department of Information Technology, including service as the state’s enterprise risk and compliance-focused CISO, giving her a strong foundation in large-scale governance, security oversight, and statewide coordination.
That experience makes her especially notable in higher education, where system-level leadership matters as much as campus-level execution. At the UNC System Office, Smodic sits at the intersection of policy, institutional coordination, and risk management for one of the country’s most significant public university systems, helping shape cybersecurity strategy across a broad academic footprint.
Nathan Brown — Director of Cybersecurity & Chief Information Security Officer, Wake Technical Community College
Nathan Brown brings a mission-driven and operations-heavy background to Wake Technical Community College, combining military and civilian leadership experience with a focus on threat detection, incident response, and institution-wide cyber resilience. His profile highlights more than two decades of experience, including work tied to large budgets, advanced threat methodologies, and close collaboration with senior leadership.
At Wake Tech, Brown’s impact is especially visible in measurable program outcomes. He established a risk-based cybersecurity framework, expanded MFA and active monitoring, remediated improperly stored personal data, and strengthened awareness through user training and phishing simulations. His work reflects the growing importance of sophisticated cybersecurity leadership not just at flagship universities, but across community colleges serving large and diverse student populations.
Mark D. Webster — Chief Information Security Officer, East Carolina University
Mark D. Webster has built a long career in education technology and security leadership, with experience spanning universities, community colleges, and K-12. At East Carolina University, he leads the institution’s information security program and serves as a senior advisor on security vision, strategy, and direction, helping connect cybersecurity priorities to the university’s broader strategic and compliance obligations.
His ECU work shows the breadth of what higher-ed security leadership now requires. Webster has overseen security awareness training, incident response, third-party assessments, credential hardening, GLBA safeguards efforts, and the development of a secure research enclave aligned with NIST 800-171 requirements. That mix of governance, operations, and research support makes him a strong example of the modern university CISO role.
Stephen Bertino — Chief Information Security Officer, Wake Forest University
Stephen Bertino brings an unusually broad operating background to his role at Wake Forest University, with leadership experience across infrastructure, business operations, application development, and service delivery. His past roles at Rochester Institute of Technology, Paychex, and Citibank reflect a career built around scale, availability, process design, and operational improvement.
That background is especially relevant in higher education, where cybersecurity leaders increasingly need to think beyond narrow technical controls and understand how services are delivered across the institution. Bertino’s profile suggests a leader shaped by both enterprise technology and business operations, bringing a practical service-improvement mindset to security leadership in a university environment.
Aaron Culler — Chief Information Security Officer, University of North Carolina Wilmington
Aaron Culler represents a newer generation of higher education cybersecurity leaders, bringing a background that combines military service, cyber readiness work, and university leadership. Before becoming CISO at the University of North Carolina Wilmington, he held cybersecurity and information assurance roles tied to federal and defense-related environments, alongside nearly a decade in the U.S. Marine Corps.
That path gives him a perspective grounded in discipline, readiness, and operational execution. At UNCW, he brings that experience into a university setting where cybersecurity must support teaching, administration, and institutional resilience. His trajectory also reflects how higher education continues to draw leaders from government and defense backgrounds as cyber risk becomes more central to campus operations.
Where North Carolina’s campus cyber bench is getting stronger
This group reflects the depth of cybersecurity leadership now embedded across North Carolina higher education. From research-heavy institutions and public university systems to community colleges and private universities, these leaders are helping define how campuses manage identity, compliance, research security, operational resilience, and institutional trust in a more demanding threat environment.
For more cybersecurity leaders in the education space, explore the Higher Education tag.