Skip to content



WEBCAST: Protecting Your Organization Through Vendor Risk Management  3/7 @2PM ET

In this digital age, higher education institutions face the challenge of safeguarding their privacy and protecting their data from potential breaches. Join Paul Morales, SVP of Information Security and Technology at Honorlock, and Kirk Corey, Director of Policy and Privacy at the University of Iowa, as they discuss how to navigate the unique challenges of building a risk management program and how to successfully leverage a risk matrix.

Sponsored by


Key Takeaways:

  • Tips to build a risk management program that fits your institutional needs
  • How to successfully use a risk matrix to improve security posture
  • How to encourage faculty to utilize the security review process

Kirk Corey
Director of Policy and Privacy, University of Iowa

Kirk Corey is the Director of Policy and Privacy within the Information Security and Policy Office at the University of Iowa. His work in this role includes oversight and guidance for policy and processes related to IT accessibility, privacy, PCI-DSS, research compliance, data governance, and risk management, serving as the facilitator of the university’s Information Risk and Policy Council. He is an active participant in Educause and the Big Ten Academic Alliance, and serves as a consultant to other universities as well as software vendors and service providers. Prior to joining the University of Iowa, Kirk served as the Director of IT for a company specializing in software development and manufacturing.

Paul Morales
SVP of Information Security and Technology, Honorlock

Paul Morales is a SVP of Information Security and Technology that leads Honorlock’s software and operations technology initiatives with a “security-first” approach. In a short period Paul has been able to lead multiple technology initiatives such as the tightening of vendor controls, implementing risk-based decision making, and reduction of attack surfaces by 30%. Paul is a member of the South Florida Society for Information Management, Association of Test Publishers ATP, and NCTA/ATP technical working group (TWG) for the development of joint standards for the online proctoring of computer-based tests. Paul has held numerous roles in the information security technology world including software, healthcare and aviation/defense.

Moderator – Kevin Hogan
eCampus News, Editor-at-Large


Kevin is an acclaimed writer, editor, and commentator covering the intersection of society and technology, especially education technology.