Georgia’s higher education sector spans large research universities, medical schools, and regional institutions, all operating increasingly complex digital environments that support academic research, healthcare, student services, and enterprise operations. The cybersecurity leaders in this group are responsible for securing open, collaborative ecosystems while managing regulatory requirements, sensitive data, and growing infrastructure demands. Their work sits at the intersection of innovation and risk, where enabling access is just as important as enforcing control.
Nicol Lewis — CISO, Columbus State University
Nicol Lewis brings more than two decades of experience across security, risk, compliance, and infrastructure leadership, with a background that spans higher education, public sector, and multi-agency environments. At Columbus State University, she leads security strategy, threat response, vendor risk, and executive reporting, aligning cybersecurity with both institutional priorities and regulatory expectations. Her experience across frameworks such as PCI DSS, HIPAA, GLBA, SOX, GDPR, and CJIS reflects the breadth required to secure university environments where data, access, and compliance intersect daily.
Derek Spransy — CISO, Emory University
Derek Spransy leads Emory University’s enterprise information security program, overseeing a 60-person team across cyber defense, GRC, security architecture, cloud security, and identity and access management. His background in incident response, digital forensics, vulnerability management, and threat operations reflects the depth needed to secure a major research university with healthcare integration. His leadership brings together operational execution and strategic oversight in an environment where research data, clinical systems, and academic infrastructure all converge.
James Hunter — CISO, Morehouse School of Medicine
James Hunter has built his cybersecurity leadership career within higher education and healthcare-adjacent institutions, progressing from network security roles into executive leadership. At Morehouse School of Medicine, he leads security strategy and operations within a highly regulated academic medical environment, where collaboration, research, and compliance must coexist. His background across infrastructure, risk frameworks, and cross-functional leadership reflects a steady, systems-oriented approach to building resilient security programs.
Bill Moore — CISO, Georgia Southern University
Bill Moore brings more than 25 years of experience across higher education technology leadership, including prior roles as CIO and long-standing experience in information security program development. At Georgia Southern University, he leads cybersecurity strategy informed by deep experience in IT operations, risk management, incident response, and regulatory compliance. His career reflects a strong emphasis on collaboration, institutional alignment, and building security programs that support both academic and administrative needs.
Tiffany Mack — Director of Cybersecurity Solutions, Augusta University
Tiffany Mack brings a unique combination of academic, operational, and military cybersecurity experience to her role at Augusta University. In addition to leading cybersecurity solutions, she also contributes to graduate-level education in intelligence and security studies. Her background with U.S. Army Cyber Command adds a national security dimension to her work, shaping how cybersecurity is approached in both academic and operational contexts. This blend of leadership, education, and hands-on experience strengthens institutional capability while helping develop the next generation of cybersecurity professionals.
Gabriel Vannice — Director of Cybersecurity Infrastructure Security, Georgia Institute of Technology
Gabriel Vannice leads cybersecurity infrastructure security at Georgia Tech, where his work spans enterprise architecture, infrastructure modernization, compliance, and operational resilience. His leadership includes managing large technical teams, aligning infrastructure with research and institutional priorities, and supporting regulated workloads across frameworks such as HIPAA, ITAR, and NIST 800-171. With experience across enterprise IT operations and research environments, he represents the kind of hybrid infrastructure and security leadership increasingly required in large research institutions.
Securing Open and Complex Academic Environments
What makes higher education cybersecurity uniquely challenging is the balance between openness and control. These leaders are securing environments that must remain accessible to students, researchers, and collaborators, while still protecting sensitive data, intellectual property, and institutional systems. Their work reflects a broader shift in academic cybersecurity—one that prioritizes resilience, governance, and adaptability in some of the most dynamic digital environments today.
Explore more cybersecurity leadership profiles on our CISOs to Watch tag.