Press "Enter" to skip to content

A conversation with Jeremy Livingston, new IT security chief at Stevens

Jeremy Livingston joined the Stevens Division of Information Technology (IT) in January 2021 as the new Chief Information Security Officer (CISO). He has over 20 years of extensive experience in information technology and security across multiple organizations such as the United States Navy, the White House, for-profit and nonprofit private organizations, and as an adjunct cybersecurity professor in academia.

To find out more about his role at Stevens, The Stute interviewed Livingston. Here is what he had to say:

Q: Let’s start with a little about your personal self, Jeremy, the person?

A: Sure. I like to read, especially if it is a required thing for an information security professional to be up-to-date with the latest happenings on the security front. I enjoy weightlifting and also trekking/hiking weekly, which is often on the Appalachian trails.

Q: What is most exciting about your new role at Stevens?

A: I am most excited about the possibility to make positive change. The [Chief Information Officer] and IT leadership are giving me the support that I need to really make a difference. I’m looking to partner with faculty, staff, and students to transform how we secure our data and systems. In the coming months, you’ll see additional details as we form groups to partner with everyone and work together as one team to be more secure as part of our “Protect Stevens” initiative.

I am looking to run initiatives with town hall style meetings to connect with the student community at large. And, hopefully, also work to provide a hands-on experience to students with information security internships or projects.

Q: Can you tell us about the challenges related to information security in a university setting?

A: A university, by necessity, must allow for the sharing of ideas and knowledge, which today translates into data sharing and collaboration tools. The open sharing of information might seem at odds with information security, but when done properly I think you can find solutions that work for everyone. In the last few years, the education sector has become a target for hackers and cyber-extortionists using ransomware and denial of service attacks. The goal isn’t to become so secure that the systems are unusable, but to make ourselves resilient and agile enough to detect those attempts and stop them before they become major concerns.

Q: Any message to the students about how they can contribute towards better information security practice?

A: Students can be instrumental in helping us avoid attacks. As the users of systems, they’re most likely to notice when something happens, and we ask that they report any suspicious behavior to the help desk as soon as possible. Also, report phishing emails to phishing@stevens.edu. We can then block those so everyone else doesn’t get them. Some of the latest research shows that almost 90% of all attacks require some form of user interaction (either clicking the link or opening an attachment) so the better prepared our students and faculty are, the more secure we are as a university. I also want everyone to know that they can reach out to me directly if they ever have questions or concerns; I really do love to hear feedback and suggestions! You can reach me at jlivings@stevens.edu.

At an individual level, do think about what you do online and where you share information. Whether it be personality quizzes or dating apps, being cautious would make a difference. Avoid falling for these common data mining traps and practice basic cyber hygiene of not using the same password everywhere. To help protect our students, we are giving everyone access to LastPass (for personal and professional use), and starting a training program through KnowBe4 in the coming months. Stay tuned!

Q: What is your guiding philosophy on planning your career? Any advice for students about deciding their career?

A: I had an early interest in technology and computing. Based on that, I was offered a technical role related to information security in the U.S. Navy. I am glad that it worked out. I believe one should be willing to take a leap of faith at times in the direction that you want your career. Not everything can be known in advance. And importantly, you also need to work hard to be successful and make efforts in networking and getting to know people. These have worked for me to shape up my career over the years.

Q: Any advice on information security as a career choice for students?

A: Information security is a fantastic career choice. It’s exciting and gives you a sense of “doing good” in the world, but also offers great potential growth in the job market. For the next 20 to 30 years, I see it as a growth industry. There’s a huge demand for talented cyber-professionals in the workforce.  Stevens has an amazing Cybersecurity degree program, and it’s my goal to work with those students and faculty as we build partnerships to offer student work programs in our security program as well as provide a forum for discussion moving forward. The biggest challenge in this field is figuring out how to keep things secure, usable, and functional all at the same time and more so than any other field, one needs to continuously read and learn to keep oneself up-to-date. Apart from subreddits, some interesting web resources I can list:
https://krebsonsecurity.com/
https://www.darkreading.com/
https://nakedsecurity.sophos.com/

Q: Any comments on the impact from the COVID-19 pandemic on information security practices?

A: The pandemic has shifted the way we do many things. In the past, the firewall and intrusion prevention systems (IPS) on networks were the guardians of our data, but with a distributed workforce and students, most are not connecting through those methods of defense. Your laptop or desktop has become the new “frontline” in the battle for security. 

Editor’s Note: All answers presented in the “A” paragraphs were paraphrased from the interview with Livingston.

Be First to Comment

Leave a Reply