Director, Information Security Education & Consulting, Harvard University

Sandy is a Senior Workshop Director at Info-Tech Research Group, where she leads week-long engagements with clients to build Security Strategy, Security Incident Response Plans, Security Risk Management, and Security Operations Programs. Her nearly 25 years of experience in information security prior to this current role were primarily in financial services and higher education. She specializes in aligning information security programs to business strategy and outcomes, risk tolerance levels, culture, and positive customer experience.

Prior to joining Info-Tech, Sandy was Director of IT Security Education & Consulting at Harvard University, where she led a team of specialists that advised leaders across the college, professional schools, and institutes on security risk decisions to support strategic teaching, learning, and research activities. This broad portfolio of work included annual security assessments, research data and vendor security reviews, awareness campaign creation and delivery, policy governance, and training. Sandy’s experience from earlier roles with Fidelity Investments, Bose Corporation, and Wellington Management further includes business continuity management, disaster recovery planning and testing, incident response, privacy and security policy development, and secure application development programs.

Sandy earned her CISSP in 2002. She holds a bachelor’s from Brandeis University and a master’s from Harvard University in Germanic Languages and Literatures, as well as graduate certificates in Adult and Organizational Learning from Suffolk University and Leadership Decision Making from Harvard Kennedy School of Government.

Sandy Silk

My Sessions

Creating a Robust Data Breach Management Policy

18 May 2022, 15:10 - 16:00


PrivSec Focus - Enterprise Risk