In the early 1990s, the launch of Microsoft Windows and introduction of the World Wide Web set Mark Herron on an unexpected path that would take his career from that of a high school science teacher to a Chief Information Security Officer (CISO).
Though Herron graduated from John Carroll University with a master’s degree in biology, he had an interest in computers—not necessarily in how they operate, but rather in their ability to connect to other devices. The invention of the graphical user interface and the first-person computer games that soon followed left Herron especially intrigued with networking, so much so that he focused his career exclusively on the field.
“With these advancements came the question of security,” said Herron. “Once everything is connected and out there, how do you keep others from getting into it?”
Herron focused his pursuits on coaching students in the Gilmour Academy computer lab to achieve roles in networking, information security and compliance in higher education and medical fields—and worked himself at Case Western Reserve University from 2010 to 2015. Herron returned to the university as CISO in March 2021, only the third person to hold this title.
Information security at Case Western Reserve
Leading the Information Security Office, Herron challenges his team to focus on two major areas of support: Protecting the university against cyber attacks and responding to incidents; and offering compliance and project consulting insight on security measures and data collection and storage.
As Herron succinctly notes in his email signature, his office’s role is to “keep the bad actors out; verify the trusts; support the creation and sharing of knowledge and information as intended; and keep the university safe by protecting all our systems, data and users.”
Even though the cybersecurity field can seem complicated and difficult to navigate, Herron shared that most often the large breaches and hacks are caused by something basic and fundamental.
“It’s often not something out of Mission Impossible, but rather something basic like a machine that isn’t patched or information that isn’t behind a firewall,” said Herron. “If you do the basics, that is 95% of the work.”
Herron also shared that there are easy steps everyone can follow to help in the team’s efforts to safeguard information, practices such as installing the latest systems and security updates on your phone and computer, not using the same password across various platforms, running a personal firewall, changing any default passwords to something secret to you and password-protecting your device, using full disk encryption, leveraging two-factor authentication, and shutting down your computer when not in use. He also reinforced the importance of running an anti-virus client, backing up your computer regularly, and being conscious of when and how you’re sharing information and folders or drives.
“The basics are important,” said Herron. “There are people who are hacking at you. It’s not personal, they’re just hacking everything. With the internet, it’s not necessarily just you looking out, it’s also looking in.”
Get to know Herron in this week’s five questions, and stay tuned for more cybersecurity tips throughout the month of October as The Daily recognizes Cybersecurity Awareness Month.
1. What’s the most thought-provoking class you’ve ever taken?
It was an intermediate poetry class on romanticism through modernism that I took as an undergraduate at Oberlin College. I still read and pursue the things that we talked about to this day. It has sparked a lifelong interest and pursuit.
2. Where is the best place to spend a day in Cleveland?
In the [Cleveland] Metroparks, which is not one place, but rather a 50-mile ring. If I had to choose, Squire’s Castle is wonderful; I like riding my bicycle in Rocky River Reservation; and what they’ve done with Edgewater Park on the lakefront is amazing.
3. How do you like to start your day?
With coffee. But if that’s not enough of an answer, every day I check Google news and Slashdot for IT-related information and also read The Writer’s Almanac. Sometimes I’ll also read the English language homepage for Wikipedia, where I come across weird articles, histories, and things I would never think to look at.
4. What is the best advice you ever received?
Life is about good company. A lot of us define ourselves based upon what we do in the professional world, especially here in the U.S. Work can become your life, but there is a whole other aspect and a lot of what will last through your life are the friendships you make. Making and keeping lifelong friends usually requires getting off the internet.
5. What’s your favorite thing about Case Western Reserve?
I love the campus environment, the ability to walk around a beautiful campus and the complete mix of different kinds of people. There is a whole slice of human existence here. The feeling of being a part of it is fantastic and ties back to my earlier point of being in good company. A lot of really interesting people work and study here.
Also, my father graduated from the Case Western Reserve University School of Medicine and my wife is a graduate of the Frances Payne Bolton School of Nursing. There are family ties that go back quite a ways. I’m proud to be able to help pay back in service with what [these educations] allowed my father and wife to be able to do.