James Gagliarducci, Director of Information Security, an electrical engineer by training and a security whiz by experience and certification, started out designing radar systems for the Department of Defense. He joined WashU IT as a network engineer in the 90s. Remembering those days, James says, “I loved it.”
When the Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996, he started taking on security duties to help protect Medical School data. After several years with one foot in network engineering and another in security, he went all-in with Information Security, earning Systems Security Certified Practitioner (SSCP) and Certified Information Systems Security Professional (CISSP) certifications.
These days, James spends most of his time working on Cybersecurity Maturity Model Certification (CMMC) compliance, helping to safeguard sensitive national security information at WashU. He also builds security architecture, assesses risk, and applies security frameworks throughout WashU’s Infosec program. He reports that meeting information security compliance requirements can be complicated; there’s no “one size fits all” approach. “That’s okay,” James says, because “we decide as a community” the right balance for implementing security requirements. In the next five years, James anticipates more government regulation to deter cyber theft and greater use of automation and AI to stay ahead in the cybersecurity arms race.
As evidenced by diverse career experiences, James is an avid learner. That’s why he loves working at WashU. He says “WashU fosters an environment where, if you like to learn, the opportunities are endless.” He doesn’t just learn at work, though. In his free time, he works on developing his guitar skills. He also enjoys listening to classic rock while cooking, doing home improvement, and hanging out with family and friends.