Moore leads IT security with focus on collaboration, mission
Editor’s note: In celebration of Women's History Month (March 1 - March 31), UTHealth Houston is featuring outstanding members of our community.
Beverly Moore has a unique background for an information technology professional – at her core she’s a writer.
Her written and verbal communication skills, along with an insatiable curiosity and drive for learning and excellence, have been the backbone of her successful climb in the male dominated field of IT security.
“IT security operates primarily in the background, but it is critical to the missions of the university,” said Moore, associate vice president of information technology security and chief information security officer. “Patients trust the care UTHealth Houston provides and my team is part of their care team. Clinicians are the caregivers and we are the caretakers of their data. I’m passionate about that.”
In her role, Moore leads four IT security teams — security operations, identity and access management, risk management consulting and compliance; and security support in the schools.
“Our job is to ensure the university’s data and information is protected. We help manage risk for the organization, but to do that well, we must work with our community,” Moore said. “I can’t think of a better word than ‘partnership’ to describe what we do. In many organizations, IT security is viewed as the office of ‘no,’ but we take a consultative approach and work with our business sponsors and IT professionals to find reasonable and secure solutions.”
Moore didn’t initially envision a career in IT security. From a young age, she wanted to be a doctor.
“I’m a native Houstonian. I grew up in Third Ward, and the Texas Medical Center has had a major presence throughout my life,” she said. “When I was young, I volunteered as a candy striper, and that spurred my affinity for health care.”
Moore attended the renowned DeBakey High School for Health Professions. She also worked as a nursing assistant through high school and college, but found that she had a greater aptitude for writing than organic chemistry. She graduated cum laude with a degree in professional writing from the University of Houston-Downtown. After several Texas Medical Center internships, she was hired as a an editor in the Office of Research and Academic Affairs, primarily producing a campus research catalog and content for the Research Innovations magazine.
Moore’s journey into IT started with a broken computer in 1996. By happenstance, Moore had a conversation with the woman working on her machine. The Help Desk was looking to hire someone to put printed training manuals online. As a writer, Moore had some of the skills. She applied and was hired as a client support analyst for the IT Help Desk. She upskilled and became an IT trainer as well.
Four years later, she learned of another opportunity in IT. Data Processing had an opening for a disaster recovery and security analyst.
“I was honest when I interviewed for the position,” Moore said. “I didn’t know much about mainframes or any of the things that happen in data processing, but I was a writer, and the department needed a disaster recovery plan. Once again, my writing skills opened another door. I was told, ‘we can’t teach writing and communication skills, but we can teach you the technology,’ and so I jumped in and learned about mainframe security and the backend workings of information technology. I worked with smart people, and started taking security classes and educating myself in these areas.”
Moore wrote the disaster recovery plan, and when it was audited by the state it was adopted as standard for others across Texas. While in that position, Moore realized a new state mandate was going to triple the price of the UTHealth Houston disaster recovery contract. She wrote a detailed report, asking the state for a waiver. That report ended up being cited in a Wall Street Journal article and catching the attention of the then Chief Information Officer.
“The article characterized UTHealth Houston as the proverbial David going up against Goliath,” Moore said. “Using my writing skills, I was able to document every way this new vendor failed us. My goal was to fight bureaucracy because this mandate was going to cost the organization a lot of money while degrading our service. I learned that when things are not right, and you know they aren’t right, you don’t have to be in a high-level position to say something. If you see something, say something, and advocate for what is right. The right thing to do is not always the easiest thing to do. Integrity matters.”
That mindset led to her promotion as a senior information security analyst in IT security in 2008. Moore flourished, rising to manager, senior manager, Chief Security Officer ad interim, and then to her current post as Associate Vice President and Chief Information Security Officer since May 2020.
“I found myself creating processes to fill gaps in our security program, learning skills I needed to excel, and taking the opportunities to stretch and grow. I’ve remained inquisitive and open to feedback.”
Moore has attained several security certifications, including Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP).
To be successful in IT, you have to be a lifelong learner. Technology evolves quickly, and best practices change.
Moore said she’s thankful for the peers who helped when she asked, and the leaders who offered her opportunities along her journey; including Barbara Legate, Bill Sun, Amar Yousif, Rick Miller, Kevin Dillon, and others.
“I had no problem being a worker bee, and I never aspired or saw myself in leadership,” she said. “You don’t get to places like this by yourself. You have to have people who support you, lift you up, and are willing to take a chance on you. When you get your chance, shoot your shot. Luck is a combination of preparedness and opportunity, and when opportunity presents itself, grab it and don’t let go.”
Even in an executive leadership role, Moore said she’s still learning new skills.
“The need for learning doesn’t stop once you get to this level; I’m still learning,” she said. “I’m very excited that at this point in my career I am mentoring others. I’ve learned that you can be a mentor and a mentee in the same body and space. Admittedly, I’ve learned as much from my mentees as they have from me: generational differences; the way they think and work, and how they use technology-- is different. It’s important to have those relationships.”
For a long period, Moore was the only woman in IT Security, but she has worked to hire qualified women into a department that is more diverse and inclusive of people with unique skillsets. Currently, nearly a quarter of the IT security team are women.
“Internships and mentoring have been instrumental in opening up non-traditional talent pools,” Moore said.
After nearly three decades of work, Moore said each day is fresh and challenging.
“UTHealth Houston is an amazing organization. With three missions, there is always something fascinating going on,” she said. “In IT security, no day is the same. We get to work with a community of innovative researchers, educators, clinicians, faculty, staff, and students. In the midst of it all, our job is to protect our data, enable the business and promote a positive security culture. I am grateful for the opportunity to serve the UTHealth Houston community."