ISCAP Proceedings: Abstract Presentation
The AI-Enhanced Multi-Agent Model of Cybersecurity Governance in Higher Education
Jemell Garris
City University of Seattle
Cris Ewell
City University of Seattle
Sam Chung
City University of Seattle
Abstract
This paper proposes a modular, AI-powered Multi-Agent Framework designed to operationalize cybersecurity governance within higher education institutions. Building on prior research that highlights cultural enablers and barriers to incident response, this framework proposes a technical layer to bridge the gap between policy, culture, and operational enforcement. Each agent corresponds to a NIST cybersecurity control family (e.g., Identify, Protect, Detect) and collaborates to monitor compliance, ingest logs from systems such as Active Directory, Canvas, Okta, and Linux, and recommend or execute policy-aligned interventions. A lightweight policy translation layer converts institutional cybersecurity policies into machine-enforceable logic, allowing for adaptation to institutional contexts via configurable YAML profiles. The framework employs reinforcement learning to optimize agent behavior in response to evolving campus dynamics. While not part of the original cultural analysis, this model offers a scalable, actionable mechanism for institutions seeking to reduce the execution gap between policy intent and operational practice, especially in resource-constrained academic environments. The system’s modularity also enables interoperability across multiple compliance frameworks, including NIST 800-171, NIST CSF, CMMC, and ISO 27001.