Implementing a robust cybersecurity program in post-secondary institutions is critical to protecting sensitive data, ensuring continuity of operations, and fostering trust within academic communities. Leveraging the NIST Cybersecurity Framework and the National Cybersecurity Assessment (NCA) Six Pillars provides a structured approach to addressing cybersecurity challenges in these dynamic environments.

The presentation will outline the integration of NIST and NCA principles within the post-secondary context, highlighting actionable steps and best practices for aligning cybersecurity initiatives with institutional goals while using change management methodology. Previous State.

  • Assess the current ecosystem
  • Determine gaps in security, and skills Current state
  • Determine organization capabilities
  • Determine transformation initiatives Our Future state
  • NIST framework will be adopted for the cybersecurity program Change Management Methodology
  • ADKAR Capilano University is building a cybersecurity team that will support the implementation of the cybersecurity program and operationally secure the digital ecosystem.

The program will focus on strategy, governance, risk management, policies and training, vulnerability management, security assessment and audits, and identity management. The NIST framework will be adopted for the cybersecurity program to organize and deliver against these requirements, the following projects are identified tactically deliver the work required at the university.

Summit Speaker

Melvin Lal

Director Digital Transformation Office and Cybersecurity, Digital Technology Services, Capilano University

Melvin is the Director, digital transformation office & cybersecurity at Capilano University.  He has extensive experience in risk mitigation and program/services planning which he approaches using interdisciplinary collaboration amongst leaders.  

Summit Speaker

Harv Samra

Senior Manager, Central Security Services, Capilano University

Harv has 20 years of experience within cybersecurity, technology architecture and infrastructure.  At CapU, Harv is responsible for the centralized cybersecurity team and programs that provide security governance, digital security services, security auditing and assessments, identity management services and DTS policy development.

Summit Speaker

Michael Shi

Manager, Cybersecurity Audit and Assessment, Capilano University

Michael comes with 8 years of experience in cybersecurity risk management. At CapU, Michael plays a key role in strengthening the compliance and governance posture. Michael is responsible for implementing security audit and assessment program across digital solutions including Security Threat & Risk Assessment, Third Party Risk Management and Compliance Monitoring to ensure robust controls are implemented based on the risk priority.

Technology Track