Skip navigation
Partner Stories

Colorado State University Strengthens Cybersecurity with EAB

type
Public, Research University
location
Fort Collins, Colorado
undergraduates
26,000
postgraduates
6,700
  • “”

    Background

    Colorado State University (CSU) faced mounting external pressures related to cybersecurity and compliance. With the Department of Defense (DoD) requiring institutions engaged in federal contracts to meet Cybersecurity Maturity Model Certification (CMMC) standards, CSU had to transform its distributed IT organization to align with compliance requirements. The Board of Governors set an aggressive deadline for a security alignment plan by December 2024 and implementation by October 2025. CSU leadership, including the VP for Research and the Division of IT, recognized that this change would require both organizational restructuring and campus-wide buy-in.

  • “”

    Outcome

    With EAB’s continued partnership, CSU successfully aligned its IT organization around cybersecurity priorities, producing a comprehensive plan that addressed findings from state and federal audits. The Board of Governors approved CSU’s new IT structure, ensuring compliance with CMMC standards and strengthening the university’s ability to secure future research contracts. By October 2025, CSU will have transitioned more than 200 distributed IT staff into a centralized model, enhancing consistency, security, and resilience across the institution.

Steps to CSU’s Success

  1. Initial Consultations Positioned CSU for Security Alignment

    EAB experts worked with CSU leadership, including the VP for Research and CIO, to reframe cybersecurity not only as a compliance issue but as a competitive advantage for securing ~$170M in DoD research funding. This repositioning tactic helped CSU leadership and faculty understand the high stakes involved.

  2. EAB-Facilitated Forums Built Transparency and Engagement

    EAB and CSU co-hosted an open forum with ~40 stakeholders across IT, HR, Finance, and Research. By broadening communication channels, CSU reduced apprehension, countered rumors, and built trust across campus during the reorganization.

  3. Benchmarking and Peer Insights Informed Structure

    Drawing on benchmarking facilitated by EAB for UC Boulder and University of Northern Colorado, and a peer consultation with Texas A&M, CSU adopted a shared services model—consolidating common IT roles while retaining specialized developers in departments. This tactic balanced compliance with academic flexibility.

  4. Cabinet-Level Strategy Sessions Secured Buy-In

    EAB presented the national landscape and CMMC pressures to CSU’s President’s Cabinet, reinforcing the why behind cybersecurity alignment. This sessions provided context for the leadership team around the benefits of the alignment initiative and the expected positive outcomes.

More Stories

Great to see you today! What can I do for you?