The University of Colorado system last week announced the hiring of David Capps, a former technology official at the Federal Reserve Bank of New York, as the four-campus institution’s new chief information security officer.
Capps’ systemwide CISO role is a new one for the University of Colorado. For more than a decade, those duties had been carried out on a part-time basis by Dan Jones, the cybersecurity chief at Colorado’s flagship campus in Boulder. Jones will continue on as associate vice chancellor for integrity, safety and compliance in Boulder, according to a university press release.
“Dan has been an incredible partner to all campuses and system over the years and I cannot thank him enough for his leadership and support,” University of Colorado CIO Scott Munson said.
Among his recent work, Jones was credited for overseeing CU’s addressing the Log4j vulnerability that’s affected networks around the world. The University of Colorado has not been immune to cyberthreats, though: Last year, it was one of dozens of entities affected by a breach of the Accellion file-transfer application, with more than 300,000 records exposed.
During his 10 years at the New York Fed, Capps served as vice president and director of technology and risk compliance. Before that, he worked at Fordham University as director of IT planning and strategy.
In his new role at Colorado, Capps will oversee reporting and implementation of technology controls, risk assessments and compliance. He’ll also be overseeing the campus CISOs in Boulder, Denver, Colorado Springs and the medical school in Aurora.
“Each campus will have unique needs, I’m sure,” he said in the press release. “I see the CISO role as being a trusted partner — meaning first, we have to understand the needs of each campus and its priorities, how security impacts them, and how we can support them as a partner.”