You are here: American University Profiles Staff Cathy Hubbs

Back to top

Photograph of Cathy Hubbs

Cathy Hubbs Chief Information Security Officer OIT | Information Security

(202) 885-3998
OIT | Information Security
Spring Valley Building 234
MEd, George Mason University

Favorite Spot on Campus
Ilene Zatkin-Butler Garden
Cathy works in the Office of Information Technology, identifying risk sources, planning, developing, implementing and maintaining the University's information technology security program to safeguard new and existing technologies and services. She contributes to university-wide information security awareness and education programs and is responsible for the development of information security policies, procedures and security standards. She works with internal and external auditors to ensure AU's information technology resources are compliant with applicable, policies, laws, and regulations and coordinates the investigation of technology security incidents.

Partnerships & Affiliations

Scholarly, Creative & Professional Activities

Professional Presentations

  • Seminar: Building Your InfoSec Leadership Style, EDUCAUSE, 2019
  • What Happens When You Click, NASA Webinar Series, 2018
  • Enterprise Risk Management, RIMM Montreal, 2018
  • Women in IT, Duke Cybersecurity Series, 2017
  • Security Spend, EDUCAUSE, 2017
  • Delving into Diversiity, Gartner, 2016
  • Cyber Security Threat Landscape, US Coastguard Headquarters, 2016
  • Distinguished Speaker Series: Cyber, Dept of Energy, 2016
  • Postioning Your IT Security Program as an Enterprise Resource, EDUCAUSE, 2013
  • What's Your Number? Measuring the Maturity of Your Security Program, EDUCAUSE, 2013
  • Enterprise Risk Management in Higher Education: Implications for Enterprise IT, EDUCAUSE, 2013.
  • Cyber Security Awarnness, eTrade Seminar Series, 2013, 2014, 2015
  • Cybersecurity: Protecting Your Campus, American Council on Education Webinar Series, 2013.

Selected Publications

  • Breaking the Chain, AC CISO Journal, Security Current, 2015
  • Alternative IT Sourcing: A Discussion of Privacy, Security, and Risk, EDUCAUSE Review 2011   
  • Business Continuity Planning. University Business, 2006


Technology Managers Forum's Best Practices in Information Security, 2009

Professional Certifications

  • Certified in Risk and Information Systems Controls, 2010
  • Graduate, FRYE Leadership Institute, 2009   
  • Certified in the Governance of Enterprise IT, 2009   
  • Certified Information Systems Auditor, 2006  
  • Certified Information Systems Security Professional, 2005