Main Navigation

Interim chief information security officer named

UIT is pleased to announce that Corey Roach has been named Interim Chief Information Security Officer effective Friday, July 12, 2019.

UIT is pleased to announce that Corey Roach has been named Interim Chief Information Security Officer. Roach comes to the appointment from his position as Enterprise Security associate director in the University of Utah’s Information Security Office (ISO).

University of Utah Chief Information Officer Steve Hess said, “We’re extremely pleased to have Corey Roach serving as Interim CISO for the university and U of U Health. His qualifications and expertise are exactly what we need while we conduct a search for a permanent CISO.”

Chief Information Officer for University of Utah Health James Turnbull agreed, “Corey’s strategic and tactical knowledge of the modern information security landscape, particularly as it intersects with health care and patient privacy, is perfectly aligned with our ongoing enterprise security strategy and day-to-day operations.

Roach steps in for outgoing CISO Randy Arvay, who is taking on a new role as CISO at Duke University Health System in Durham, North Carolina.

Roach’s office will continue to be at 102 Tower. In his interim role, he will oversee information security, privacy, compliance strategy and operations for main campus and hospitals and clinics. His team includes 32 staff members in Enterprise Security, Security Assurance, Governance, Risk and Compliance and Identity & Access Management.

“I’m fortunate to work with so many self-motivated professionals in the Information Security Office,” Roach said.

Roach, a Utah native, has more than 16 years of information security experience in higher education, research and health care. As the U’s Enterprise Security team leader since 2014, he provided technical and strategic guidance during the development of the university’s revised Information Security Policy (4-004), evaluated and acquired enterprise-class security tools that significantly reduced the dwell time of malware or compromises, and coordinated post-incident forensics and impact analysis. Prior to that position, Roach served other IT and security roles at the U, including senior data security analyst in ISO and IT manager for the Office of Residential Living.

In addition to completing numerous professional training courses, Roach is a certified information systems security professional (CISSP) and information systems auditor (CISA).