Higher education cybersecurity in Missouri spans flagship research universities, regional public institutions, private Jesuit universities, and specialized health sciences colleges. The CISOs in this feature are protecting student records, research data, clinical information, financial aid systems, and the open academic networks that make all of it harder to secure. Their backgrounds are varied, their institutions are different in scale and mission, and their programs reflect what it actually takes to build security inside environments where openness is a cultural value and compliance requirements grow more complex every year.
Rebecca Thurmond Fowler — Chief Information Security Officer, University of Missouri System
Rebecca Thurmond Fowler has spent more than twenty-five years in information security in higher education, nearly all of it at the University of Missouri. She joined as an administrative associate in 1998, moved into system security analysis, then managed security assessments and incident response, served as information security officer for the Columbia campus, and stepped into the system CISO role in April 2020. That progression, from entry-level staff through analyst, manager, campus ISO, and system CISO over more than two decades, reflects an institutional knowledge that is genuinely difficult to acquire any other way. She holds GIAC-GSEC Gold and GIAC-GLEG certifications and a CISSP, and her focus areas include incident response, vulnerability management, risk management, compliance, and identity and access management across a multi-campus system serving tens of thousands of students and researchers.
Gary Dodson — Chief Information Security Officer, Missouri Southern State University
Gary Dodson brings experience across vastly different industries to his CISO role at Missouri Southern State University, where he has led information security since September 2023. Before moving into higher education security, he spent nearly five years as director of information security at Emporia State University in Kansas, and before that served as information technology security coordinator at Missouri Southern, giving him deep familiarity with the institution he now leads from the top security seat. His recent achievements at Missouri Southern include strengthening authentication through enterprise-wide multifactor implementation, establishing a methodical vendor risk assessment process, improving endpoint detection and logging visibility, and standing up a formal Records Retention Committee with broad campus stakeholder involvement. His profile is a clear example of what patient, ground-up security program development looks like at a regional public university operating with lean resources and real regulatory exposure.
Zach Lewis — Chief Information Officer and Chief Information Security Officer, University of Health Sciences and Pharmacy in St. Louis
Zach Lewis is the author of Locked Up: Cybersecurity Threat Mitigation Lessons from a Real-World LockBit Ransomware Response, published by Wiley in 2026, a book drawn directly from his firsthand experience leading the response to a major ransomware attack at a higher education institution. That is not a credential most CISOs carry, and it reflects a security leader whose operational experience has been stress-tested in ways that tabletop exercises cannot replicate. At the University of Health Sciences and Pharmacy in St. Louis, where he has served as CIO and CISO since April 2021, he leads a team of 27, manages a $2.1 million budget, chairs the Enterprise Risk Management Committee, and reduced phishing success rates by 80 percent through a gamified cybersecurity awareness training program. He also serves as a venture advisor to Glilot Capital Partners and speaks publicly on higher education cybersecurity. His path to the dual CIO and CISO role ran through network and systems administration, technical support management, and IT director responsibilities across several St. Louis-area institutions.
Doug Glaze — Associate Vice President and Chief Information Security Officer, Saint Louis University
Doug Glaze stepped into the AVP and CISO role at Saint Louis University in March 2026, following more than three years as cybersecurity architect at the same institution. Before SLU, he spent seven years as chief technology officer at Maryville University, where he was appointed CISO in 2018 to lead information security and data protection initiatives alongside his broader technology leadership responsibilities, developing a comprehensive information security management framework covering GLBA, FERPA, and PCI compliance. Earlier in his career he held CIO and SVP roles at Vatterott College and its affiliated institutions, and IT director and quality assurance management roles at Ozburn-Hessey Logistics. That combination of logistics technology operations, for-profit higher education IT leadership, and private university security architecture gives him a cross-sector foundation that informs how he approaches security governance at a major Jesuit research institution.
What Missouri’s Academic Security Leaders Share
Several of the leaders in this feature built their careers inside the same institutions they now lead from the CISO seat. That pattern of internal progression produces security programs grounded in real institutional knowledge rather than frameworks applied from the outside. In higher education, where the culture resists top-down mandates and security has to earn its legitimacy through trust and relationship-building, that kind of insider credibility is not a minor advantage. It is often the difference between a programme that holds and one that struggles to find traction.
Discover more education CISOs:
- Where Arizona’s Higher Education CISOs Are Setting the Standard
- Cybersecurity Leaders to Watch in Washington’s Higher Education Industry
- CISOs to Watch in Illinois’ Higher Education Sector
- Cybersecurity Leaders to Watch in Georgia’s Higher Education Sector
- CISOs to Watch in the State of New York’s Higher Education Industry
