Cybersecurity is perhaps one of the biggest priorities for K-12 school districts across the country. IT leaders need to know “not when,” when developing a K-12 cybersecurity strategy that protects school networks and sensitive information from hackers, phishing, ransomware, and other external (and internal) threats. I agree that this idea is essential.
The eSchool News Innovation Roundtable focused on cybersecurity, moderated by eSchool News Content Director Kevin Hogan, featured district IT leaders discussing the challenging and ever-evolving topic of K-12 cybersecurity. I considered it. Roundtable participants include:
- Phil Hintz, Chief Technology Officer, Niles Township District 219 (Illinois)
- Greg Limperis, Director of Technology, Lowell Public Schools (MA)
- Sandra Paul, Director of Information Technology, Township of Union Public Schools (New Jersey)
- Mohammed Saleh, Deputy Chief Technology and Management Information Systems Officer, Paterson Public Schools (New Jersey)
- Paul Sanfrancesco, Director of Technology, Owen J. Roberts School District (Pennsylvania)
Key takeaways and insights from the roundtable include:
Multi-factor authentication (MFA) is critical to a school district's cybersecurity strategy.
“MFA is the easiest thing to do,” Sanfrancesco said. “It's the first line of defense, and it's the simplest, cheapest, and most effective right now.”
Discussions around MFA often hit roadblocks, but working with unions can help overcome pushbacks if district employees don't want to allow access to personal devices or seek alternatives to MFA. You can clear up any misunderstandings.
“I went in front of the union and told them how passionate I am about cybersecurity, not just the staff, not just the members, but the students as well,” Saleh said. Ta. “The email probably contains confidential student information. It's our collective job to make sure that information is safe. It's our responsibility. Fortunately, We got buy-in on this. More and more people are enabling MFA, and it's now mandatory.”
Managing the people in your district can be just as difficult, and sometimes even more difficult, than the various programs, testing, and monitoring solutions you have in place.
IT leaders often deal with a small number of staff members who are not tech-savvy and resistant to change.
“We have to find ways to make their lives easier, because some of them have very limited frying pans and have been teachers for 40 years and have not grown up with technology. We will have to put a lot of effort into training, because there are also people,” said Limperis.
Networking is key.
“Grow your knowledge base,” Sanfrancesco says. “There are a lot of free systems and entities out there. Be part of a network. Having the ability to network with others and people doing the same thing is most important.”
“Networking is a big thing for me. I wouldn't be where I am today if I didn't gain knowledge from the people around me,” Saleh says.
If in doubt, decide on a starting point.
“You just have to do it one thing at a time,” Hintz said, noting that NIST, K-12 Six, and CoSN are great starting points for working on a K-12 cybersecurity strategy. “You have to start with the end in mind. If you start right away, you can plan your roadmap. Make a Plan [with] Support it in the Cabinet first and get everyone at the top on board with it. Cast that vision and then start working on that vision. Plan your work and then execute your plan. ”
Understand tools and resources.
Here are some of the solutions and professional organizations that IT leaders use to maintain network security and stay up to date.
Related:
Here's how to protect your school from cyberattacks in 2024
Get the latest K-12 innovation news
For more cybersecurity news, visit eSN's IT Leadership Hub.
Laura Ascione is Editorial Director at eSchool Media. She is a graduate of the University of Maryland's prestigious Philip Merrill College of Journalism.
