Andrew B. Morrow, M.B.A., M.S.I.S.

Andrew B. Morrow
Lecturer in Cybersecurity, School of Business Administration
Program Coordinator, Bachelor of Science in Cybersecurity Analytics and Operations
Program Coordinator, Bachelor of Science in Security and Risk Analysis
Office Phone
Office Location
Olmsted Building, E335
E335 Olmsted Bldg
Middletown, PA 17057-4898

    Andrew Morrow is a Lecturer of Information Science and Technology (IST) and a faculty member of the Penn State Harrisburg School of Business Administration (SBA). Mr. Morrow holds B.S. degrees in Information Systems and Management, a M.B.A and a M.S. in Information Systems from Penn State Harrisburg. He holds numerous industry certifications including a CISSP, CCSP, CISA, and PMP.

    Mr. Morrow has over 25 years of experience and has served in a variety of technical, senior management and consulting positions. He has held positions in applications development, database administration, network administration, systems administration, cybersecurity, auditing, IT governance and business continuity. He also has numerous years of experience in senior management positions including Vice President of IT, Chief Information Officer and Chief Technology Officer for both public and private sector organizations. At Penn State, Mr. Morrow is responsible for developing and conducting undergraduate-level business and IST classes focusing on cybersecurity, computer forensics, incident handling and response, information security, networking and telecommunications, decision theory and analysis, risk management, and project management. He has lectured on topics related to cybersecurity, networking, management, leadership and a variety of issues involving the use of information technology in business.

    Mr. Morrow also manages his own consulting company providing IT consulting and training services in topics including security, governance, business continuity and auditing.

    Professional Affiliations

    • (ISC)² - International Information System Security Certification Consortium
    • EC-Council
    • ISACA - Information Systems Audit and Control Association
    • PMI - Project Management Institute

    Professional Certifications

    • (ISC)² Certified Cloud Security Professional (CCSP)
    • (ISC)² Certified Information Systems Security Professional (CISSP)
    • (ISC)² Information Systems Security Architecture Professional (CISSP-ISSAP)
    • (ISC)² Information Systems Security Engineering Professional (CISSP-ISSEP)
    • (ISC)² Information Systems Security Management Professional (CISSP-ISSMP)
    • (ISC)² Systems Security Certified Practitioner (SSCP)
    • EC-Council Certified Chief Information Security Officer (C|CISO)
    • ISACA Certified Information Systems Auditor (CISA)
    • ISACA Certified Information Security Manager (CISM)
    • ISACA Certified in the Governance of Enterprise IT (CGEIT)
    • ISACA Certified in Risk and Information Systems Control (CRISC)
    • ISACA Certified Data Privacy Solutions Engineer (CDPSE)
    • PMI Project Management Professional (PMP)
    • PMI Agile Certified Practitioner (PMI-ACP)
    Research Interests


    Risk Analysis and Management

    Network Security

    Information Security

    Computer and Cyber Forensics

    Homeland Security


    Ph.D. candidate, Public Administration (Homeland Security), (Penn State University)

    M.S. in Information Systems (Penn State University)

    M.B.A., (Penn State University)

    B.S. in Information Systems (Penn State University)

    B.S. in Management (Penn State University)

    A.A. in Accounting (Harrisburg Area Community College)

    A.A. in Computer Applications (Harrisburg Area Community College)

    Course Schedule
    CYBER 100 Computer Systems Literacy
    CYBER 262 Cyber-Defense Studio
    CYBER 342 Incident Handling and Response
    CYBER 362 Security Analytics Studio
    CYBER 366 Malware Analytics
    CYBER 440 Cybersecurity Capstone
    IST 220 Networking and Telecommunications
    IST 432 Legal and Regulatory Environment of IST
    IST 440 Integration Capstone
    IST 451 Network Security
    IST 454 Computer and Cyber Forensics
    IST 456 Information Security Management
    SRA 111 Introduction to Security Risk and Analysis
    SRA 221 Overview of Information Security
    SRA 231 Decision Theory and Analysis
    SRA 440 Security and Risk Analysis Capstone
    SRA 472 Integration of Privacy and Security
    MIS 204 Introduction to Business Information Systems
    MIS 448 Business Telecommunications
    MATH 003 Basic Skills
    MATH 004 Intermediate Algebra
    MATH 021 College Algebra I
    CMPET 401 Data Communication and Networking
    CMPET 402 Data Communication and Networking Laboratory
    CMPSC 436 Communications and Networking