Shefali Mookencherry’s first priority is building relationships.
So when she joined the University of Illinois Chicago (UIC) as the school’s CISO and chief privacy officer in January 2023, that was the first thing she did.
“I met, within the first two months, about 400 people,” Mookencherry told IT Brew. “I had, every half hour on the hour, new people I was meeting.”
Patients zero. She’s still meeting people. UIC is a large institution, with nearly 34,000 students and 13,000 employees. The medical center has more than 550,000 visits a year. That’s a large pool of people whose security needs managing.
Being the CISO of an organization like UIC means protecting that population, and also handling the other concerns that come with the institution. Those include working with “every three-letter agency in the US,” Mookencherry said, and also managing the university’s global footprint.
“My job is looking at all three different categories—academics, research, and then healthcare—and it focuses on trying to secure and think about safety for the students, faculty, and protecting all the data assets, systems, and applications,” Mookencherry said.
Nonstop. At UIC, the work is never over. It’s not a nine-to-five, Mookencherry said, but a 24/7, 365. Calls come in for any number of needs, from accessing systems to logins. And the international aspect of the university’s mission, specifically when it comes to health, means that requests come at all hours.
“My issues don’t stop just between what typical work hours are,” Mookencherry said. “There are times where we are up at 2 am, going, ‘Hey, what’s that threat look like? Why is it happening?’”
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Background stats. Before joining UIC, Mookencherry had a decades-long career working as a consultant for companies like Hayes Management Consulting and Encore Health Resources. Prior to that, she spent over 11 years as director of mManaged cCare oOperations at the Ann and Robert H. Lurie Children’s Hospital of Chicago. After three years with Impact Advisors, she joined Edward-Elmhurst Health as CISO in 2020, a position she held until taking on her responsibilities at UIC.
It wasn’t a surprise to her that she landed back in tech, she told IT Brew.
“My love, my life—besides family—is cybersecurity and privacy,” Mookencherry said.
Cash cache. The biggest difference between the public and private sectors is how Mookencherry works within a budget. In the public sector, it’s less of a budget and more of an expectation to account for every dollar spent and detail its specific use.
That took some getting used to, and those relationships built early on paid off.
“They are very different funding models, different thought processes,” Mookencherry said. “Because on the private side, it’s very much, ‘Here are the funds. Here you go. This is your budget. You’re all set. Go do it right.’ On the public side, you’ve got it for the year, now re-justify it…There's always this negotiation that has to happen.”