Georgia Tech is bringing in fresh leadership for its cybersecurity strategy, naming Joseph “Joe” Lewis as its new Associate Vice President of Information Technology and Chief Information Security Officer (CISO). The move comes after a national search and signals the institute’s intent to strengthen its security posture amid growing digital threats.

A Leader with a Proven Track Record

Joe Lewis isn’t new to high-stakes security. He brings more than 20 years of experience spanning federal agencies, defense environments, and academic institutions. That range matters. From safeguarding national security systems to handling sensitive university data, Lewis has built a reputation for developing resilient cybersecurity frameworks that scale.

His career has been grounded in core security pillars—governance, risk management, compliance, incident response, and cybersecurity training. He’s led diverse teams through rapidly changing digital landscapes, managing everything from data breaches to complex regulatory audits. For a research powerhouse like Georgia Tech, that kind of steady leadership is exactly what’s needed.

What He’ll Be Doing at Georgia Tech

Lewis officially steps into the role on July 28, 2025. His job won’t just be about firewalls and passwords. As CISO, he’ll shape the overall cybersecurity strategy for the entire institute. This includes overseeing security policy, managing risk assessments, coordinating incident response, and ensuring the university stays compliant with federal and industry standards.

But beyond the technical scope, Lewis is expected to align cybersecurity with Georgia Tech’s broader goals, supporting research, protecting student and faculty data, and enabling secure innovation. He’ll work closely with IT teams, academic departments, and administration to build a more unified and proactive approach to cyber defense.

Filling Big Shoes and Moving Forward

Lewis takes over from Leo Howell, who served as CISO beginning in 2021 and later moved into an interim leadership role as Vice President for IT. Howell brought deep experience from previous stints at the University of Oregon and NC State, and he helped navigate Georgia Tech through evolving cyber challenges during his tenure.

Now, as Howell transitions out of the interim position, Lewis steps in with a clear mandate: build on that foundation and take the institute’s cybersecurity efforts to the next level.

Why This Move Matters Now

Cyber threats have grown more complex, and higher education has become an increasingly attractive target. Universities like Georgia Tech not only hold sensitive personal data but also manage massive research operations that rely on uninterrupted and secure access to digital tools.

This appointment comes at a critical time. Georgia Tech is expanding its use of cloud computing, artificial intelligence, and data-driven research—all of which introduce new security challenges. Lewis’s background suggests he’s well-equipped to handle that complexity while balancing the needs of a diverse academic community.

Looking Ahead

In his first few months, Lewis will likely focus on reviewing Georgia Tech’s current security landscape, identifying gaps, and setting new priorities. Expect to see renewed attention on areas like threat detection, identity and access management, and campus-wide cybersecurity awareness.

His appointment is more than just a leadership change, it’s a strategic decision to ensure Georgia Tech stays resilient in an increasingly digital and vulnerable world.