Washington’s higher education sector depends on cybersecurity leaders who can protect research environments, student and employee data, academic systems, and the digital infrastructure that keeps modern institutions running. The people in this feature reflect that responsibility across public and private universities, with backgrounds spanning governance, security operations, risk management, infrastructure modernization, and executive technology leadership. Together, they represent the kind of institutional cybersecurity stewardship that has become essential across today’s higher education landscape.
Michael Walters — Chief Information Security Officer, Washington State University
Michael Walters serves as chief information security officer at Washington State University, where he leads a system-wide cybersecurity program focused on risk alignment, resilience, and institutional trust across a large distributed public research environment. His work has included establishing a centralized security operations center, modernizing security operations, rewriting the university’s policy library, operationalizing a controls-based governance model around NIST CSF and NIST 800-53, and shifting executive cyber risk reporting toward quantifiable FAIR-CAM-based analysis. Backed by more than 30 years of experience across national defense and higher education, Walters stands out for combining strategic leadership with hands-on experience in governance, incident response, digital forensics, risk management, and enterprise security transformation.
Darren Owsley — Deputy CIO & Chief Information Security Officer, Gonzaga University
Darren Owsley is deputy CIO and chief information security officer at Gonzaga University, where his role reflects a broad blend of institutional technology leadership and cybersecurity oversight. Over more than a decade at Gonzaga, he progressed through roles including associate director of enterprise resource planning, interim director of IT operations, and chief technical officer before taking on his current position in 2024. That progression gives him a strong understanding of the operational, application, and governance sides of university technology, and makes him a notable figure in higher education cybersecurity because he brings security leadership informed by deep experience in enterprise systems, institutional IT strategy, and cross-functional campus operations.
Joseph DeLeon — Deputy Chief Information Security Officer, UW Medicine; former Director, IT Risk and Security, University of Washington Bothell
Joseph DeLeon currently serves as deputy chief information security officer at UW Medicine, but his background also includes a direct leadership role in Seattle-area higher education as director of IT risk and security at the University of Washington Bothell. Across his career, he has held senior security positions at UW Medicine, the University of California Office of the President, the University of Washington, and Impax Laboratories, with responsibilities spanning governance, identity and access management, security operations, program development, and risk management. That mix of academic, healthcare, and enterprise security leadership makes DeLeon especially relevant to a higher education feature, since he has worked at the intersection of university governance, institutional security strategy, and complex regulated environments.
Abel Cruz — Chief Information Officer & Assistant Vice President, Seattle Pacific University
Abel Cruz serves as chief information officer and assistant vice president at Seattle Pacific University, and although his title is broader than a traditional security role, his remit clearly includes enterprise cybersecurity, privacy, and institutional risk. In his current position, he advises the President’s Cabinet and Board of Trustees on digital transformation and organizational risk, while leading IT governance, service delivery, Azure cloud modernization, and the development of the university’s enterprise security and privacy program. His work has included advancing identity and access management, incident response, third-party risk management, data protection, regulatory compliance, and responsible AI governance, making him a strong inclusion for a higher education cybersecurity feature because his role directly connects technology leadership with security strategy and institutional resilience.
Why cybersecurity leadership now matters more on campus
What stands out across this group is how closely cybersecurity in higher education is tied to institutional continuity. These leaders are not only protecting networks and data. They are helping universities manage research risk, modernize legacy systems, support governance, and maintain trust across academic and administrative environments that have become more connected and more exposed with every passing year.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.