Aaron Baillio
Chief Information Security Officer, University of Oklahoma
Over the last two years, Chief Information Security Officer, Aaron Baillio, has helped implement a centralised and standardised IT model within the University of Oklahoma, saving millions on costs, drastically increasing the protection of students and staff, and equipping departments such as the research teams to expand their capabilities.
When exploring his past, Baillio is shown to have spent 11 years with the Department of Defence, so the transition to academia was far from a typical one.
“I'm not sure there are two industries that are more opposite than the military and higher education. The Department of Defence is very focused on keeping secrets and keeping things locked down, whereas, in higher education, it is culturally designed to provide answers, collaborate, and share. So it was a huge culture shock when I made that transition,” says Baillio.
One thing that helped Baillio from his days in defense was the strict focus on the goal at hand, looking very clearly at where the institution was and identifying the steps that could take the university to its goal. This has involved a lot of policy change over the last seven years.
Not so different after all?
“It was interesting because I was not actually looking to transition from the federal government, but there's kind of this intrinsic value, especially with the military, where everything you do is to support the warfighter. That soldier who's in the field sacrificing on behalf of the country. At the university, there's that same kind of intrinsic value where everything we do is to support the mission of the university, which is to advance the student, the community and the world through research and other academic endeavors. Once I identified with those values that meant something to me and when I was presented with the opportunity to work at the university, I was able to identify a greenfield environment and take it and run with it to develop something brand new,” he says.
Highlights in the role
Within his security operations centre (SOC), he was able to hire part-time students. Baillio expressed that “we've never had them in a security organisation before, though the other IT groups had. By hiring part-time students, we were able to leverage them for tier one responsibilities. As they gain more tenure, they can be moved to more advanced projects such as scripting and automation. So that has been a really great opportunity to give back to the community, to train students and provide a legitimate cyber experience that they can then take into the career field. We've had some great students come through who have gone on to some amazing jobs after graduation. So that's been very rewarding.”
Highlights outside of his role include teaching as an adjunct professor to some of his students, hosting a cyber security class. every other year: “One of my classes started a cyber competition club at the school that competes in hacking events. And so that's been a lot of fun to participate in, to provide some mentoring and coaching and do some fundraising for that group,” adds Baillio.
Read the full story HERE.
Featured Interviews
From an infrastructure perspective, 2U is actually in a really good state because we have a lot of infrastructure as code deployment builds, so have many security guardrails built into those CI/CD pipelines
