Shawn Guffey

I shifted into IT later in my career but after I had picked up an undergraduate degree on cybersecurity (also a late career thing to do).  I've worked in a few different retail environments with various roles which has given me broad experience in dealing with different stakeholders.  

For the past few years, I have been working at the Georgia Tech Research Institute (GTRI) within the Information Systems (Central IT) team to assist in meeting regulatory compliance.  As an applied research entity, we deal with a number of customers across federal, state, local, and other private-sector entities.  My role in meeting compliance has a lot of parallels with cybersecurity due to the types of regulations we have to follow.  We are subject to HIPAA/HITECH for healthcare related projects, FERPA for student information, a range of Department of Defense regulations, export regulations (ITAR), University System of Georgia mandates, and other State mandated requirements.  

That may not sound as exciting as any of the engineering tasks that surround cybersecurity, but administrative oversight is also very important.  If there is an administrative topic related to this subject, then I can likely talk about it.  That includes crafting policies, procedures, and various kinds of strategic business plans.  

The MICS program mirrors a lot of my undergraduate which I have found invaluable in being successful in my role.  There is always room to learn more technical disciplines within this field.  Adding some more knowledge there expands how I can approach solving some of the business problems I face in my day-to-day.