โ† Back to Schedule
Small college cybersecurity team building security momentum
Session 15

Building Security-Focused Momentum in IT at a Small College

Thursday, June 11, 2026 9:00 AM โ€“ 10:30 AM HMC ยท Shanahan 3460

About This Session

Kalamazoo College has only one FTE dedicated to information security โ€” and a workload far greater than one person can handle. Small and under-resourced colleges face the same cybersecurity threats as large institutions, but without comparable staffing, funding, or dedicated security resources. This session describes how Kalamazoo partnered with REN-ISAC on a facilitated Information Security Kickstart engagement to build the IT team buy-in needed to move closer to a security-by-default, privacy-by-design mindset.

The multi-day engagement introduced the IT team to information security fundamentals, best practices, and cybersecurity frameworks โ€” planting the seeds for a lasting cultural shift in how the institution approaches risk and security.

What the Kickstart Program Delivered

Security Fundamentals

Introducing the entire IT team โ€” not just the security lead โ€” to information security foundations, shared vocabulary, and threat awareness.

Cybersecurity Frameworks

Practical introduction to NIST and other frameworks as organizational tools โ€” not compliance checkboxes โ€” for prioritizing security investments.

IT Team Buy-In

How facilitated engagement creates shared ownership of security across the entire IT team โ€” not just the one person with "security" in their title.

Quick Wins

Immediate, zero-dollar improvements Kalamazoo made using community resources โ€” demonstrating progress without waiting for budget approval.

Learning Outcomes

  • Learn what the Kalamazoo College team experienced during the REN-ISAC Security Kickstart program โ€” the process, the content, and the cultural impact.
  • Hear what benefits can be gained by introducing IT colleagues โ€” not just security staff โ€” to security fundamentals through a facilitated engagement.
  • Assess whether a program like the REN-ISAC Security Kickstart may be the right fit for your institution's current security posture and team culture.

Session Description

This session describes how Kalamazoo College partnered with REN-ISAC to take meaningful, immediate steps to secure its environment using the resources already available. A small portion of the session (<5 minutes) addresses the value of REN-ISAC's Information Security Assessment and Advisory Services' InfoSec Kickstart engagements. The rest is a candid practitioner account of what changed, what was hard, and what other small colleges can realistically take from the experience.