Frequently Asked Questions (FAQ) about CampusCISO

If you have other questions not addresed here, we're happy to set up a free consultation. Just use the link below to get started.

About CampusCISO

Our advisory services aim to help colleges and universities improve their cybersecurity posture by providing affordable cybersecurity planning solutions. We believe that every school should have easy access to expert guidance, and we intentionally created a business model that ensures even schools without large budgets can take advantage of our services.

Our team of experts has decades of experience in helping higher education institutions simplify and strengthen their cybersecurity strategies. We are committed to providing you with the best possible advice and support to help you achieve your cybersecurity goals.

Our advisory services were developed in consultation with higher education leaders to support the unique needs of colleges and universities. We designed our services to simplify how college and university CIOs and CISOs plan their cybersecurity strategies, although other leaders such as CFO, risk management, and audit executives have also used our services and provided feedback.

We offer a range of low-cost online resources that all colleges and universities can take advantage of. Our team of experts is committed to providing you with the best possible advice and support to help you achieve your cybersecurity goals.

CampusCISO believes in a pragmatic approach to cybersecurity. We understand that every institution has unique needs and constraints, and our advisory services help you make informed decisions that align with your institution’s specific circumstances.

We want to help you make informed decisions about how and where to invest your limited resources in new tools and services. Our CYBER HEAT MAP assessment lets you see how vendor solutions fit into a repeatable cyber resilience planning framework, so you can identify areas where you might have gaps or redundant solutions.

About CampusCISO Advisory Services

Our Advisory Services are designed to empower you. We won’t do the work for you, but we’ll provide expert guidance and feedback to help you navigate the unique cybersecurity landscape of higher education. As your trusted advisor, we’ll collaborate with you to evaluate your cybersecurity program, understand complex frameworks like NIST 800-171, and make informed decisions about new investments. Our goal is to equip you with the knowledge and tools necessary to confidently lead your institution’s cybersecurity program.

Our advisory services are provided by Chris Schreiber, a seasoned leader in higher education with over two decades of experience in leading university technology and information security programs, including multiple university CISO roles. 

Chris’s deep understanding of the unique needs of higher education makes him an invaluable resource for your institution.


Our advisory services are designed to support the individual responsible for managing your institution’s cybersecurity strategy. This could be the CISO, CIO, CTO, or another executive with cybersecurity responsibilities. We work with both new and experienced executives who value having a trusted advisor to use as a sounding board as they navigate and plan their strategies. Our services are tailored to fit your specific needs and desired outcomes.
Our advisory services provide guidance and advice to evaluate and plan your strategy. We work alongside you, offering valuable perspective and helping navigate unique challenges, such as cultural differences in higher education versus other verticals. Unlike a vCISO or consultant who may assume operational responsibilities or manage specific projects, we focus on providing you with the right guidance and advice.
Our advisory services can work with a vCISO or a consultant. The different services are not mutually exclusive and can complement each other based on your institution’s needs. For instance, if you hire a vCISO who has little experience in higher education, our team could help them navigate the cultural differences. This collaborative approach ensures that all aspects of your cybersecurity strategy are effectively addressed.

You usually hire consultants to execute and complete specific project tasks. CampusCISO serves as your strategic partner and advisor. We offer advice and guidance drawn from our extensive experience working with multiple institutions, supporting you in assessing potential projects and navigating any challenges that may arise.

Remember, the final decisions about how to manage your information security program always rest with you. Our role is to empower and assist you as you navigate the complexities of managing cybersecurity at your institution. A consultant’s role is to implement the specific projects you’ve contracted with them to complete.

We offer advisory retainers as a one-year engagement.

In person Strategy Workshops usually span two consecutive days with up to 4 hours per day of assistance. Based on the evolving needs of your institution, we can extend or renew engagements.


CYBER HEAT MAP is a cybersecurity capability assessment tool that helps assess your current cybersecurity capabilities and plan for future improvements. All CampusCISO membership plans provide access to the CYBER HEAT MAP assessment. All coaching engagements use the CYBER HEAT MAP framework to facilitate the coaching engagement.

CYBER BRIDGE is a set of collaboration tools created by CampusCISO to connect CampusCISO members with their peers at other institutions. 

CYBER BRIDGE tools enable members to contribute vendor reviews to help other institutions research vendor options. Members can earn points for their institution by providing information that contributes to this shared knowledge repository. 

CampusCISO relies on crowd-sourced input from members. This fosters collaboration and the open exchange of ideas. For example, the vendor solutions directory is 100% sourced from requests received by members. Vendors cannot ask to be added to the directory. 

All members can access the CYBER BRIDGE tools to contribute vendor reviews and take part in other collaboration opportunities.

Payment Methods

You can purchase CampusCISO Memberships online using a credit card. For coaching retainers and for institutions that cannot pay by credit card, we can also accept purchase orders.

Data Ownership

When an institution creates an account, the account manager has full control over their assessment details. The institution owns their assessment details, while CampusCISO owns the benchmarking data derived from the assessments. As part of our service, we aggregate anonymized assessment information to create benchmarking data that benefits the entire member community.

When we aggregate the benchmarking data, we identify the contributing institution based on a combination of 3 values:

  • Public vs Private institution;
  • 2 year or 4 year institution; and
  • the number of students using the 5 size buckets assigned in the US Department of Education IPEDS database.

Absolutely not! Your assessment details belong to your institution, and are only shared with those you invite to collaborate with you.

When individual users who complete a Skills Assessment as part of the CYBER HEAT MAP assessment, the skills inventory data is associated with that individual user. 

Each user has full control to add or remove their assessment answers. If a user is deleted from the system, we permanently delete all of their associated skills inventory answers. We do not incorporate individual skills inventory answers in the benchmarking dataset.

Have a question we didn't address on here?

If you have questions about how CampusCISO might be able to help you at your institution, the best option is to setup a call so we can explore your needs further.

You can setup a free consultation using the link below.

Learn more with a Free Consultation

Curious about how we can help with your cybersecurity planning?

Book a free consultation and we'll explore your needs to see ways CampusCISO can assist your institution.