Medha has over 27 years of experience in various aspects of Information Technology, Security, Auditing and Risk Management, spending over 15 years in the Financial Industry (at Banco Do Brasil, NY and then at Depository Trust Clearing Corporation in IT Audit) and over 12 years in the Education and Healthcare industry at Columbia University in Information Security and Enterprise Risk Management.
Medha Bhalodkar is currently the Chief Information Security Officer of Columbia University and has served as the university's first CISO since 2006. With growing responsibilities in functions and complexities over the last decade, Medha now leads multiple teams of information security and risk management professionals to manage Columbia's IT Policies, Application Security, Network Security (approx. 150,000 network nodes), Identity Access Management and IT Risk Management and Governance across Columbia’s 17 schools and 10 Global Centers. Medha has built a robust and dynamic security and risk framework for all 17 schools and 10 Global Centers with risk assessment results being reported to Columbia’s Trustee Audit Committee.
In 2014, Medha strongly advocated for the creation of a new Master’s degree program at Columbia, the Masters of Science in Enterprise Risk Management. Medha served as an advisor in the Program Design and Planning Committee and presented alongside Dean of Continuing Education at the first ERM Advisory Board Meeting. The program was approved in 2015 and helped set an industry precedent. Her goal was to emphasize the need to change executive approach to risk management, from assessing risk in silos to analyzing risk at an enterprise level in rapidly evolving global and regulatory environments. Subsequently, Medha was appointed as an Advisory Board Member of Columbia University’s Masters of Science in Enterprise Risk Management (MSERM) Program.
Medha is a recognized Risk Management and Information Security professional and serves on a number of governing bodies, steering committees of professional organizations and is a frequent panel speaker at major information security conferences. She holds a number of security certifications (e.g., CISA, CGEIT, CRISC, CICA, ITIL, and Cloud Security). Medha is proud of her role as a woman in IT, serves on Columbia University’s Women in IT Panels and has been a speaker at various women in technology conferences.
Medha was named the 2016 Global CISO of the Year (EC-Council), 2016 North America Information Security Executive of the Year (ISE) and the 2015 North America Information Security Executive of the Year (ISE) for her leadership and contributions to the information security space. Her team has been recognized for their foundational work in the academic and public sector receiving the North America Security Project of the Year twice, in 2015 for the creation of innovative IT Risk Management/Privacy frameworks and again in 2016 for their development and implementation of Perimeter Less Network Security.