Will that data breach be the end of a chief security officer (CSO)? Managing information security in higher education requires more than just technical expertise, especially when the heat is cranked up. This article takes a look at how two CSOs deal with hack attacks at their universities. When Purdue University Chief Information Security Officer (CISO) Scott Ksander finds himself having to explain a security breach to university execs, he tries to help administrators understand, instead of attempting to defend himself. His primary goal: to help them have confidence in his group to manage the problem quickly, and thus have confidence in "him". For Montana State CSO Adam Edelman, providing "meaningful metrics" helps people understand the nature of the threats faced in a university environment.