Cyber Savvy: Securing the Education Sector from the CTO of New Trier Township HS District 203

Discover key industry trends and insights from cybersecurity leader Michael Marassa, CTO of New Trier Township High School District 203.
March 25, 2024

We are excited to introduce Cyber Savvy, a brand-new blog series that dives deep into the minds of renowned cybersecurity experts. Through a series of questions posed to these information security leaders, we’ll hear new perspectives on the evolving threat landscape and get a firsthand account of their unique challenges and triumphs throughout their careers.

With each installment, we aim to foster an environment for learning, sharing, and engaging in meaningful conversations related to cybersecurity. Whether you're a seasoned CISO, an aspiring security analyst, or simply looking to hear from others in the industry, this series is for you.

For this first article, we spoke with Michael Marassa, Chief Technical Officer (CTO) of New Trier Township High School District 203 in Illinois. Michael is a seasoned technology leader with a wealth of expertise in computer science and extensive experience in the public sector. He has been instrumental in modernizing New Trier Township's technology infrastructure, providing robust cybersecurity measures, and harnessing emerging technologies to address evolving needs. As CTO, Michael remains committed to driving technological excellence and fostering digital resilience in an ever-changing landscape.

Here’s what he had to share about his experience.

What are your biggest concerns or challenges as a CTO?

A: As the CTO of a large school system, the risk of external and internal threats is 24/7, and an ongoing challenge to keep our organization protected from bad actors. We are also a flagship district, and so any cybersecurity incident would bring not only ‌national attention, but also cause distrust of a high-performing school system.

What new challenges do you anticipate in the coming year?

A: I feel the new challenges will be integrating new systems as they develop and continuing to leverage SSO and best-practice expectations with so many users. I would love to move to an environment where high school students are using MFA and SSO for their primary applications so that we can better secure the entire district environment.

How is your team adapting to the evolving threat landscape?

A: As an educational institution ourselves, we see the value in continuing education and are committing to it as a security organization. This starts first with ongoing learning through our vCISO partnership as well as knowledge gathering from peer CTOs. As the landscape evolves, knowing what other leaders are facing and how they’re responding is incredibly important to creating our own strategy.

What are your biggest goals for the coming year?

A: I’m aiming to move to an AI model for quarterly pen testing, and table-top exercises for my technical and leadership team. By harnessing the power of artificial intelligence, we can streamline the identification of vulnerabilities, ensuring that our systems are rigorously tested and fortified against potential breaches on a regular basis.

What new trends in cybersecurity excite you right now?

A: I’m excited by the responsiveness of AI and its ability to recognize threat patterns, typical communication styles, and recipients. This combats bad actors using AI to carry out their attacks.

Editor’s Note: We’re talking a lot about this in our Convergence of Cybersecurity + AI limited web series. Check it out here to see how bad actors are using AI, what types of AI is needed in response, and how leading CISOs are using AI to secure their organizations.

What advice do you have for other CISOs or aspiring CISOs?

A: Training your staff is crucial. Ensure you have a cybersecurity incident response plan in place, regularly practice it, adopt a zero-trust model, and implement business-class security standards in K-20 education.

Want to learn more from Michael? You can connect with him here, or learn more about his work for New Trier Township High School District on their website.

Coming Up Next

In the next installment of Cyber Savvy, we will chat with Alex Green, Chief Information Security Officer (CISO) of Delta Dental Plans Association, to learn more about his experience leading security strategy for a huge dental insurance provider in the United States, where he protects the data of more than 80 million members.

Cyber Savvy: Securing the Education Sector from the CTO of New Trier Township HS District 203

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B 07 22 24 MKT624 Images for Paris Olympics Blog
Threat actors are targeting French businesses ahead of the Paris 2024 Olympics. Learn how they're capitalizing on the event and how to protect your organization.
Read More
B Cross Platform ATO
Cross-platform account takeover is an attack where one compromised account is used to access other accounts. Learn about four real-world examples: compromised email passwords, hijacked GitHub accounts, stolen AWS credentials, and leaked Slack logins.
Read More
B Why MFA Alone Will No Longer Suffice
Explore why account takeover attacks pose a major threat to enterprises and why multi-factor authentication (MFA) alone isn't enough to prevent them.
Read More
Learn how Abnormal uses natural language processing or NLP to protect organizations from phishing, account takeovers, and more.
Read More
B DK Compromise 7 11 24
Discover the top five ways hackers compromise accounts, from exploiting leaked API credentials to SIM swapping partnerships, and more. Learn how these techniques enable account takeover (ATO) and pose risks to enterprises.
Read More
B Sans Recap 7 11 24
Discover trends among modern SOC teams, including misaligned budgets, increased automation, unsatisfactory AI tools, staffing issues, and more.
Read More